Objective: It is important that a common understanding of the division of responsibilities exists and that the implementation of all security requirements is ensured. Therefore, when using external IT service providers and IT services, the responsibilities regarding the implementation of information security measures are to be defined and verifiably documented.
Requirements (must): The concerned services and IT services used are identified.
The security requirements relevant to the IT service are determined:
The organization responsible for implementing the requirement is defined and aware of its responsibility.
Mechanisms for shared responsibilities are specified and implemented.
The responsible organization fulfils its respective responsibilities.
Requirements (should): In case of IT services, configuration has been conceived, implemented, and documented based on the necessary security requirements.
The responsible staff is adequately trained.
In Cyberday, requirements and controls are mapped to universal tasks. Each requirement is fulfilled with one or multiple tasks. A set of tasks in the same topic creates a Policy, such as this one.
When building an ISMS, it's important to understand the different levels of information hierarchy. Here's how Cyberday is structured.
Sets the overall compliance standard or regulation your organization needs to follow.
Break down the framework into specific obligations that must be met.
Concrete actions and activities your team carries out to satisfy each requirement.
Documented rules and practices that are created and maintained as a result of completing tasks.