Free ebook: NIS2 ready using ISO 27001 best practices
Download ebook
Topics
ISO 27001
NIS2
Getting started
Framework management
Product security
Settings & advanced
Trial and subscription
User management
Community
Documentation
Personnel guidelines
Reporting
Task management
GDPR
Internal auditing
Personnel security
Risk management
Working as a partner
Continuous improvement
Team collaboration
Show all topics
Webinars
ISO 27001: Build a cyber security plan, that gets you compliant
Intro to NIS2 directive, local NIS2 laws and Cyberday ISMS
Show all webinars
Videos
Asset documentation
Continuously improving your ISMS
Cyberday overall intro
ISO 27001 and certification audit fundamentals
ISO 27001 and personnel awareness
ISO 27001 and risk management
ISO 27001 introduction
NIS2 introduction
Show all videos
Helps
Admins
Documentation
Frameworks
Guideline mgmt
Other features
Partners
Reporting
Setup and integrations
Task mgmt
User management
Show all helps
Blogs
NIS2 national legistation, ransomware and a new development forum: Cyberday product and news round-up 9/2024 🛡️
Corporate Security Alert: Identifying Dangerous Apps on Employee Phones
IT and OT Cyber Security: Different Environments, Different Priorities
Cyber Security in Supply Chain Risk Management
Spreadsheet vs. ISMS tool - top 10 reasons why a tool is better than the traditional way
Show all blogs
Content library
Kiitos! Saat jatkossa uutiskirjeen sähköpostiisi joka perjantai.
Valitettavasti jotain meni pieleen. Voit olla yhteydessä tiimi@tietosuojamalli.fi.
Kiitos! Saat jatkossa uutiskirjeen sähköpostiisi joka perjantai.
Valitettavasti jotain meni pieleen. Voit olla yhteydessä tiimi@tietosuojamalli.fi.
Cyberday.ai
Get started
Login
Content library
ISO 27001

Protection of information systems during audit testing

8.34
ISO 27001

Protection of data systems during audit-related testing

Critical
High
Normal
Low

Reviews and other verification actions e.g. during audits, that target data systems, must be planned in advance and agreed with the appropriate testers and management. This aims to minimize the impact of actions on operational processes.

When planning practices, the following points must be taken into account:

  • inspection requests are approved with the appropriate responsible person
  • the scope of technical tests is agreed in advance and their the implementation is monitored
  • tests are restricted to read-only use as far as possible or are only implemented by experienced system administrators
  • fulfilment of security requirements is ensured in advance on devices that require access to systems
  • tests that may affect the availability of important systems, are performed outside office hours
  • the actions taken during the inspections and the access rights granted for them are recorded in a log
See an example process description from task's page
Connected other frameworks and requirements:
8.34: Protection of information systems during audit testing
ISO 27001
No items found.

Subscribe to Academy today

Elevate Your Knowledge with Exclusive Access to Weekly Webinars, Video Courses, Help Articles, and Blogs.

Kiitos! Saat jatkossa uutiskirjeen sähköpostiisi joka perjantai.
Valitettavasti jotain meni pieleen. Voit olla yhteydessä tiimi@tietosuojamalli.fi.
Topics
Reporting
Getting started
Settings & advanced
Community
Product security
Show all
Webinars
ISO 27001: Build a cyber security plan, that gets you compliant
Intro to NIS2 directive, local NIS2 laws and Cyberday ISMS
Show all
Videos
ISO 27001 introduction
NIS2 introduction
ISO 27001 and certification audit fundamentals
Asset documentation
ISO 27001 and personnel awareness
Show all
Helps
Documentation
Partners
Other features
Reporting
Guideline mgmt
Show all
Blogs
NIS2 national legistation, ransomware and a new development forum: Cyberday product and news round-up 9/2024 🛡️
Corporate Security Alert: Identifying Dangerous Apps on Employee Phones
IT and OT Cyber Security: Different Environments, Different Priorities
Cyber Security in Supply Chain Risk Management
Spreadsheet vs. ISMS tool - top 10 reasons why a tool is better than the traditional way
Show all
Content library
Open content libraryLabs
Kiitos! Saat jatkossa uutiskirjeen sähköpostiisi joka perjantai.
Valitettavasti jotain meni pieleen. Voit olla yhteydessä tiimi@tietosuojamalli.fi.