How to implement ISO 27001 Annex A 8.7 Protection Against Malware
In this tutorial video I show you how to implement ISO 27001 Protection Against Malware and pass the audit. This step-by-step tutorial walks you through how to implement it, how to pass the audit, the common mistakes people make and what an auditor will look for. The ISO 27001 standard was updated in 2022 with changes to ISO 27001 Protection Against Malware, and this covers the ISO 27001:2022 updated changes to Annex A 8.7 and exactly what you need to do.

Resources and Links

► Download the Ultimate ISO 27001 Toolkit: https://hightable.io/product/iso-2700...
► Read the blog that accompanies the video: https://hightable.io/iso-27001-annex-...

ISO 27001 Annex A 8.7

Malware and viruses are one of the most prolific threats to information security, exploiting weakness in human behaviour and technical systems. The protection against malware is an update to the standard to look more broadly at threats than just viruses.

How to implement ISO 27001 Clause 8.7

1. Have a topic specific Protection Against Malware Policy
You will implement a topic specific policy that sets out what you do for the protection against malware.

2. Assess your threats for malware and perform a risk assessment
For each asset type, perform a risk assessment. Based on the risk assessment, implement the appropriate controls to mitigate the risk.

3. Implement technical controls for the prevention of malware
Based on risk and business need, implement the technical controls to protect from malware, such as antivirus software, email security software, anti-phishing technologies, firewalls and patch management. Ensure logging and monitoring is in place.

4. Implement process controls for the prevention of malware
Implement training and communication. Ensure there is a program of awareness and education. Implement appropriate response plans that include incident response, backup and recovery, and disaster recovery.

5. Keep records
For audit purposes you will keep records. Examples of the records to keep include changes, updates, monitoring, review and audits.

6. Test the controls that you have to make sure they are working
Perform internal audits that include the testing of the controls to ensure that they are working.

#iso27001 #isms