Safety procedures – KIT ISO 27001:2024
The “safety procedures” of the ISO 27001:2024 management system are characterized by the presence of technical controls that express their effectiveness provided they are integrated into the same process.
The safety procedures are:
- PSI-01 – Access Control
- PSI-02 – Physical Security
- PSI-03 – Networking
- PSI-04 – Incident Preparation and Management
Controls applied
- Access control
- Identity management
- Authentication information
- Access rights
- User terminal devices
- Privileged access rights
- Restriction of access to information
- Access to source code
- Secure authentication
Safety procedures and technical personnel
These procedures, as part of the functioning of the information security management system, unlike what happens with business procedures, oversee processes controlled by technical personnel such as:
- L’Asset manager
- The System Administrator
- The person responsible for the information system
- Il data protection officer – DPO
In the information security plan of the ISO 27001:204 procedures document kit, all the controls required by Annex (appendix) A of ISO/IEC 27001:2024 have been considered .
