Annex A.5 Flashcards
A.5.1
Information Security policies
A.5.2
Information Security roles and responsibilities
A.5.3
Segregation of Duty
A.5.4
Management responsibilities
A.5.5
Contact with Government Authorities
A.5.6
Contact with special interest groups
A.5.7
Threat intelligence
A.5.8
Information security in projects management
A.5.9
Inventory of Information and other associated assets
A.5.10
Acceptable use of information and other associated assets
A.5.11
Return of assets
A.5.12
Classification of Information
A.5.13
Labelling of Information
A.5.14
Information Transfer
A.5.15
Access control
A.5.16
Identity Management
A.5.17
Authentication information
A.5.18
Access rights
A.5.19
Information Security in supplier relationship
A.5.20
Addressing information security within supplier agreements
A.5.21
Managing information security in the ICT supply chain
A.5.22
Monitoring and review and change management of supplier service
A.5.23
Information Security for use of cloud service
A.5.24
Information Security incident management planning and preparation
A.5.25
Information assessment and decision on information security event
A.5.26
Response to information security incidents
A.5.27
Learning from information security incidents
A.5.28
Collection of evidence
A.5.29
Information Security during disruption
A.5.30
ICT readiness for Business continuity
A.5.31
Legal, statutory, regulatory, and contractual requirements
A.5.32
intellectual property rights
A.5.33
Protection of Record
A.5.34
Privacy and protection of PIi
A.5.35
Independent review of information security
A.5.36
Compliance with policies, rules, and standard for information security
A.5.37
Documented operating procedures
