Professional Documents
Culture Documents
CASE STUDY - Cyber Strategy & Governance: 09/04/2024 Confidential 1
CASE STUDY - Cyber Strategy & Governance: 09/04/2024 Confidential 1
Case : You are doing ISO 27001 audit of XYZ organization & you observed that one of the employee has shared company sensitive information on his personal Gmail
account
09/04/2024 CONFIDENTIAL 1
ISO 27001 is the international standard that describes best practice for an ISMS (information security
management system).The Standard takes a risk-based approach to information security.
Annexures Controls
• Responsibility of Assets
Annex A.13: Asset
• Information Classification
Management
09/04/2024 CONFIDENTIAL 2
09/04/2024 CONFIDENTIAL 3