In ISO27001, Clause 8, we focus on Operations, and specifically about the operational controls around the Information Security Management System itself.
There are only 3 sections within Clause 8, and these are;
8.1 - Operational Controls and Planning
8.2 - Information Security Risk Assessment
8.3 - Information Security Risk Treatment
It's only a small clause, but as always it's an important one and one that often leads to misunderstanding.
If you want more information or to see our courses that help organisations implement the standard, then please go take a look at our website www.consultant... .
6 мар 2023
