Exchange of information Security Audit Checklist
Clause 10.8 ISO 27001
1. Information exchange policies and procedures
• Whether there is a formal exchange policy, procedure and control in place to ensure the protection of information.
• Whether the procedure and control cover the use of electronic communication facilities for information exchange.
2. Exchange Agreements
• Whether agreements are established concerning exchange of information and software between the organization and external parties.
• Whether the security content of the agreement reflects the sensitivity of the business information involved.
3. Physical media in transit
• Whether media containing information is protected against unauthorized access, misuse or corruption during transportation beyond the organization’s physical boundary.
4. Electronic messaging
• Whether the information involved in electronic messaging is well protected.
• Electronic messaging includes, but is not restricted to, email, Electronic Data Interchange and instant messaging.
5. Business Information systems
• Whether policies and procedures are developed and enforced to protect information associated with the interconnection of business information systems.
This entry was posted on Tuesday, November 24th, 2009 at 4:11 pm and is filed under ISO 27001 checklist.

