iFour Consultancy
Control A.18 : Compliance
Contents
 A.18.1
 A.18.1.1 – A.18.1.5
 A.18.2
 A.18.2.1 – A.18.2.3
 References
Application Development Company India - http://www.ifourtechnolab.com
A.18.1 : Compliance with legal and contractual requirements
 A.18.1 is the first control objective of Annex A.18. Its five controls (A.18.1.1 – A.18.1.5) cover the legal, statutory, regulatory and contractual obligations that bear on information security.
 Objective:
 To avoid breaches of legal, statutory, regulatory or contractual obligations related to information security and of any security requirements.
 An organization that has not identified these obligations, or cannot show how it meets them, is raised a nonconformity at audit against the controls in this section.
A.18.1.1 : Identification of applicable legislation and contractual requirements
 This control requires the organization to identify which laws, regulations and contractual obligations apply to it and to each of its information systems, and to record how it meets them.
 Control:
 All relevant legislative, statutory, regulatory and contractual requirements and the organization’s approach to meet these requirements shall be explicitly identified, documented and kept up to date for each information system and the organization.
 In practice this is a maintained register of applicable requirements (for example data protection law, export controls on cryptography, customer contract clauses) mapped to the systems and controls that satisfy each one, with a named owner and a review date so that it is actually kept up to date.
A.18.1.2 : Intellectual property rights
 This control is about the organization’s own compliance with intellectual property rights (copyright, patents, trademarks, design rights) and with the licence terms of the proprietary software it uses. It is not an access control requirement for the organization’s own intellectual property; that is covered by the asset management and access control sections of Annex A.
 Control:
 Appropriate procedures shall be implemented to ensure compliance with legislative, regulatory and contractual requirements related to intellectual property rights and use of proprietary software products.
 Typical evidence is a software asset register with licence inventory and proof of ownership, a policy on acquiring software only from known and reputable sources, and periodic checks that the software installed matches the licences held.
A.18.1.3 : Protection of records
 This control is about the records the organization is required to keep (for example accounting records, audit logs, contracts, transaction records) and how they are protected for as long as they must be retained. It is not the business continuity and disaster recovery requirement, which sits in A.17.
 Control:
 Records shall be protected from loss, destruction, falsification, unauthorized access and unauthorized release, in accordance with legislative, regulatory, contractual and business requirements.
 Meeting it means a retention schedule that states how long each record type is kept and how it is disposed of, storage that stays readable for that whole period (media deterioration and format obsolescence are both failure modes), integrity protection against falsification and, for encrypted records, keeping the keys available for the full retention period.
A.18.1.4 and A.18.1.5
 Control A.18.1.4 : Privacy and protection of personally identifiable information
 Control:
 Privacy and protection of personally identifiable information shall be ensured as required in relevant legislation and regulation where applicable.
 Which privacy law applies depends on where the data subjects are and where the processing takes place, so the applicable legislation is an input to the A.18.1.1 register, and the organization should nominate a person responsible for privacy who guides managers, users and service providers on their obligations.
 Control A.18.1.5 : Regulation of cryptographic controls
 Control:
 Cryptographic controls shall be used in compliance with all relevant agreements, legislation and regulations.
 Restrictions to check include import and export controls on cryptographic hardware and software, limits on the use or strength of encryption in some jurisdictions, and legal provisions for access to encrypted information by authorities. These should be reviewed before cryptographic products or encrypted data cross a border.
A.18.2 : Information security reviews
 Objective:
 To ensure that information security is implemented and operated in accordance with the organizational policies and procedures.
 The three controls in this section describe reviews at different levels: an independent review of the whole approach (A.18.2.1), managers checking compliance within their own area (A.18.2.2), and technical review of the information systems themselves (A.18.2.3).
 Findings from any of these reviews that show the policies are not being followed, or that the policies themselves are inadequate, are recorded as nonconformities or opportunities for improvement, and the corrective action is tracked to closure.
A.18.2.1 : Independent review of information security
 This control is about independent review of information security.
 Control:
 The organization’s approach to managing information security and its implementation shall be reviewed independently at planned intervals or when significant changes occur.
 What "its implementation" covers:
 Control objectives
 Controls
 Policies
 Processes
 Procedures
 The review is carried out by someone independent of the area under review (internal audit, an independent manager or an external party), and its results are reported to the management that initiated it and kept as records.
A.18.2.2 and A.18.2.3
 A.18.2.2 : Compliance with security policies and standards
 Control:
 Managers shall regularly review the compliance of information processing and procedures within their area of responsibility with the appropriate security policies, standards and any other security requirements.
 Where a review finds non-compliance, the manager identifies the cause, decides and carries out the corrective action, and then re-checks it; the results of these reviews are records and should be retained.
 A.18.2.3 : Technical compliance review
 Control:
 Information systems shall be regularly reviewed for compliance with the organization’s information security policies and standards.
 Technical compliance review is normally done with automated tools (configuration and vulnerability scanners) and, where appropriate, penetration testing, carried out by competent persons or under their supervision. Penetration tests and vulnerability assessments can themselves disrupt or compromise a system, so they are planned, authorized and documented, and their findings are recorded together with the actions taken.
References
 http://www.slideshare.net/null0x00/iso-27001-2013-changes
 http://www.bsigroup.com/LocalFiles/en-GB/iso-iec-27001/resources/BSI-ISO27001-transition-guide-UK-EN-pdf.pdf
 https://en.wikipedia.org/wiki/ISO/IEC_27001:2013
 http://www.iso27001security.com/html/27001.html
iFour Consultancy Services
 Visit these websites for more details:
 http://www.ifour-consultancy.com
 http://www.ifourtechnolab.com
Thank you