SPRING DISCOUNT
Get 30% off on toolkits, course exams, and Conformio yearly plans.
Limited-time offer – ends April 25, 2024
Use promo code:
SPRING30

Expert Advice Community

Home / ISO 27001 & 22301 / Access control

Guest

Access control

ISO 27001 & 22301
  Quote
Guest
Guest user Created:   Jan 12, 2016 Last commented:   Jan 12, 2016

Access control

ISO 27001 & 22301
What is the best way to set up within our organization the team that do the acces control task, in order to have a correct segregation of responsabilities.
0 0

Assign topic to the user

ISO 27001 ACCESS CONTROL POLICY

Define the rules for access to various systems.

ISO 27001 ACCESS CONTROL POLICY

Define the rules for access to various systems.
Guest
Guest post Jan 12, 2016

Answer: The system owner, be it business or IT, has to define the access rights fo users and approve how this will be implemented. There is however no team needed for this task.

The person defining and assigning the access rights should make sure segregation of duties is achieved between 1) the person(s) who performs the activity and 2) the person who verifies if the rules were complied with.

Quote
0 0

Comment as guest or Sign in

HTML tags are not allowed

Jan 12, 2016

Jan 12, 2016

Suggested Topics
Guest user Created:   Nov 26, 2020 ISO 27001 & 22301
Replies: 1
0 0

Access control
Guest user Created:   Nov 26, 2020 ISO 27001 & 22301
Replies: 1
0 0

Access control
Guest user Created:   May 22, 2020 ISO 27001 & 22301
Replies: 1
0 0

Compliance with the access control policy