Electronic commerce services Security Audit Checklist

Clause 10.9 ISO 27001

1. Electronic commerce

• Whether the information involved in electronic commerce passing over the public network is protected from fraudulent activity, contract dispute, and any unauthorized access or modification.

• Whether security controls, such as the application of cryptographic controls, are taken into consideration.

• Whether electronic commerce arrangements between trading partners include a documented agreement, which commits both parties to the agreed terms of trading, including details of security issues.

2. On-line transactions

• Whether information involved in online transactions is protected to prevent incomplete transmission, mis-routing, unauthorized message alteration, unauthorized disclosure, unauthorized message duplication or replay.

3. Publicly available information

• Whether the integrity of the publicly available information is protected against any unauthorized modification.

This entry was posted on Tuesday, November 24th, 2009 at 4:15 pm and is filed under ISO 27001 checklist. You can leave a response, or trackback from your own site.
