Examen
ISO 27001 EXAM-NEW UPDATED
- Grado
- Institución
ISO 27001 EXAM-NEW UPDATED...
[Mostrar más]Vista previa 2 fuera de 6 páginas
Vista previa 2 fuera de 6 páginas
Añadir al carrito
Añadir al carrito
Vendedor
Seguir
luzlinkuz
Comentarios recibidos
Vista previa del contenido
ISO 27001 EXAM-NEW UPDATEDWhat is the scope of the certification?
The delivery and development of the Stravito Service
What happens during the Stage 1 audit?
a review to ensure that all necessary documents, policies and processes exist
What happens during the second audit?
Ensure we work by the policies in place. Done through interviews and reviewal
of "proof" such as audit logs and information about the configuration of our
technical infrastructure.
In one sentence what is the scope of the current ISMS?
The Stravito platform and the development of it.
What is your information security policy?
Our Information Security Handbook & Policy targets all employees at
Stravito. Except Incident management processes and Risk management
processes
How is security awareness performed and measured?
Annual security awareness training for all employees AND targeted training for
certain teams (Tech, GM)
Is leadership committed to Information Security?
YES ! InfoSec is an essential part of Stravito SaaS platform. Our customers rely
on us to keep their confidential information safe, which we are contractually
obligated to.
What are the long term goals and objectives with Information Security?
To ensure that we build a product that is both secure and trustworthy. Security
is a cornerstone of our business in order for us to to keep existing customers
and gain new customers. (add more)
, How do GM review the efficiency of the ISMS?
Through a management review process. - - Head of Security keeps GM
informed about ongoing activities and risks, with a feedback loop for
continuous improvement of the ISMS. We also set quarterly OKR's reflecting
the ongoing activities.
Could you explain the three lines of defense model?
the 1st line of defense managers -> enough resources to work with risk
management and infosec and employees -> day to day work at an operational
level, i.e. identifying risk and implementing security controls
2nd line of defense consists of organisational functions supporting general
management in creating policies, processes and procedures and supporting the
rest of the organisation with expert knowledge and training.
the 3rd line of defense consists of audit functions ensuring that the 2nd line of
defense does what they are assigned to do
What is the CEO's role in the ISMS?
the CEO is the owner of the information security policy
the ceo delegates the responsibility for security-related documentation to the
head of security.
all policy changes must be approved and signed by the head of security.
the ceo is also accountable for processing of personal data where stravito is
the data processor..
What are the interested parties of stravito's ISMS?
ceo
general management,
head of security
customers (of the stravito cloud service),
data protection agencies
Los beneficios de comprar resúmenes en Stuvia estan en línea:
Garantiza la calidad de los comentarios
Compradores de Stuvia evaluaron más de 700.000 resúmenes. Así estas seguro que compras los mejores documentos!
Compra fácil y rápido
Puedes pagar rápidamente y en una vez con iDeal, tarjeta de crédito o con tu crédito de Stuvia. Sin tener que hacerte miembro.
Enfócate en lo más importante
Tus compañeros escriben los resúmenes. Por eso tienes la seguridad que tienes un resumen actual y confiable. Así llegas a la conclusión rapidamente!
Preguntas frecuentes
What do I get when I buy this document?
You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.
100% de satisfacción garantizada: ¿Cómo funciona?
Nuestra garantía de satisfacción le asegura que siempre encontrará un documento de estudio a tu medida. Tu rellenas un formulario y nuestro equipo de atención al cliente se encarga del resto.
Who am I buying this summary from?
Stuvia is a marketplace, so you are not buying this document from us, but from seller luzlinkuz. Stuvia facilitates payment to the seller.
Will I be stuck with a subscription?
No, you only buy this summary for 11,25 €. You're not tied to anything after your purchase.
Can Stuvia be trusted?
4.6 stars on Google & Trustpilot (+1000 reviews)
45,681 summaries were sold in the last 30 days
Founded in 2010, the go-to place to buy summaries for 14 years now