
Quick Learning Lesson
Root Cause Analysis and Corrective Action
Page | 1
Quick Learning Lesson on
Corrective Action System
- With specific reference to ISO 27001:2013
For
M/s. Delasoft
Definitions
- Nonconformity
- Correction
- Corrective Action
Definitions
Nonconformity
A deviation from a policy, procedure or standard.
Any equipment, process or software that does not meet its required information security specifications.
Examples
- A weak ("loose") password, not complying with the Password Policy.
- Files stored on the desktop with the screen left unlocked, not complying with the Clear Screen Policy.
- Open source software installed without any authorization, not complying with the Software Installation Policy.
Definitions
Correction
Action taken to rectify a nonconformity.
Refers to an immediate workaround, uninstallation of a program, rework or adjustment, and relates to the disposition of an existing nonconformity.
Examples

Nonconformity                      Correction
A weak (loose) password            Change the password
Files stored on the desktop        Move the files to the concerned folders
Open source SW found installed     Uninstall the SW
Root Cause Analysis
[Figure: Loss Control Model. A problem, deviation or loss is traced back to the immediate event, and from there to the root cause: inadequate controls or improper implementation. Remedies shown in the figure: "Change the Systems", and "Training" for "Lack of Attitude" and "Lack of Awareness".]
Definitions
Corrective Action
Action taken to prevent recurrence of an identified nonconformity.
To identify and eliminate the causes of the existing nonconformity and of other information security vulnerabilities.
Examples

Nonconformity                      Correction                                Corrective Action
A weak (loose) password            Change the password                       Rule-based password creation; creating awareness through training
Files stored on the desktop        Move the files to the concerned folders   Creating awareness through training and displays
Open source SW found installed     Uninstall the SW                          Removal of administrative privileges for the users
