You are viewing an old version of this page. View the current version.

Compare with Current View Page History

Version 1 Next »

5.2.2 -The repository shall have implemented controls to adequately address each of the defined security risks.

Supporting Text

This is necessary in order to ensure that controls are in place to meet the security needs of the repository.

Examples of Ways the Repository can Demonstrate it is Meeting this Requirement

Repository employs the codes of practice found in the ISO 27000 series of standards; system control list; risk, threat, or control analyses; and addition of controls based on ongoing risk detection and assessment. Repository maintains ISO 17799 certification.

  • No labels