Академический Документы
Профессиональный Документы
Культура Документы
Date
Detail
Author
1.0
25/03/2011
Jo White
1.0
26/04/2011
Jo White
2.0
26/05/2011
Jo White
3.0
30/05/2012
Jo White
4.0
27/06/2013
Jo White
5.0
14/07/2014
Jo White
This document has been prepared using the following ISO27001 standard controls as reference:
ISO Control
Description
A.6.1.1 > 4
A.8.2.1
Management responsibilities
A.8.2.2
A.10.1.2.
Change management
A.10.1.4
A.10.3.1
Capacity management
A.10.3.2
System acceptance
A.10.5.1
Information back-up
A.11.2.1 > 4
A.11.5.4
A.11.6.1
A.11.6.2
A.12.1.1
A.12.2.1 > 4
A.12.4.1 > 3
A.12.5.1 > 3
A.12.5.5
these may need to be reconstructed if the acquirer wants to link into those
systems, too.
Network & infrastructure?-A network diagram showing network entry points,
firewalls, servers etc.
Software utilized?-A list of product development tools utilized, including costs
& current licensing terms.
Hardware?-A list of all computer server hardware, whether it is owned or
leased, and current value. Include operating systems and versions.
Related document:
Customers?-A log of customer technical support calls / questions for the past
four months. A description of the implementation process for a new customer
Tentative questionnaire:
Legal systems?-Some organizations have custom-made software that requires
considerable resources to maintain. The team should locate these systems,
determine their annual maintenance cost, decide whether they should be
replaced with other systems, and estimate the replacement cost.
Disaster recovery plan?-. Is there a disaster recovery plan that states how
information is to be backed up and recovered in the event of a system
failure? Is the plan tested regularly? Is there a backup IT facility that is ready
to take over if the main facility is destroyed?
Interfaces?-Investigate the interfaces that the company uses to link together
its systems. Any interfaces of particular complexity should be noted, since
these may need to be reconstructed if the acquirer wants to link into those
systems, too.