Webinar: ISO Bootcamp Webinar Series: Part 2 - Annex A Controls
Getting ISO 27001 certified is often a necessity to win more business, and the more you dig into becoming compliant, the more confusing it gets. That's why we're doing a three-part ISO 27001 Bootcamp, breaking it all down for you.
In part two of ISO 27001 Bootcamp we cover:
- An overview of the Annex A Controls
- The Statement of Applicability
00:00 - 02:00 Introductions and housekeeping
02:05 - 06:58 Overview of the Structure of ISO 27001
06:59 - 10:40 Statement of Applicability
10:41 - 14:10 Tugboat Logic demonstration of Statement of Applicability
14:13 - 16:40 Overview of the 14 domains
17:00 - 21:26 Domain 7: Human Resources Security
21:30 - 25:10 Management responsibilities
25:20 - 36:30 Domain 9: Access Controls
36:32 - 45:30 Domain 15: Supplier Relations
46:20 - 49:11 Do the controls come from the risk assessment and is a risk assessment a requirement for ISO 27001?
49:22 - 50:00 Does ISO 27001 require or advise a certain methodology when conducting a risk assessment?
50:05 - 51:30 Should all vendors be in scope and how do you distinguish between the vendors that will be in scope?