5.8 Information Security in Project Management

Control

Information security should be integrated into project management.

Purpose

Regardless of a project’s complexity, size, duration, or application, security should be considered in every project at an early stage. Every project should require that information security risk be assessed and treated initially. Intellectual property rights are addressed, and internal and external communications are considered throughout the project.

Implementation Guidance

Security measures differ from one project to another depending on the nature of the project. Nonetheless, the adequacy of information security considerations and activities should be evaluated at predefined stages by an appropriate individual or governing body, such as Project Steering Committee. In addition, responsibilities, and authorities for information security relevant to the project should be defined.

ISO 27001

Find out more about our ISO 27001 Consultancy Services
ISO 27001 Consultancy
< Back to Controls
ISO 27001:2022

Organisational Controls

AvISO will be updating and reviewing all the information regularly, so keep us bookmarked and keep checking!

Got a question or need help? Don't hesitate to reach out to our team.

Need help with an ISO?

By filling out this form, you agree to the terms laid out in our privacy policy
Thanks, We'll reply asap
Request Failed to send, please check fields

27002:2022 Related Controls

CLick to view control
5.1 Policies for Information Security
5.2 Information Security Roles and Responsibilities
5.3 Segregation of Duties
5.4 Management Responsibilities
5.5 Contact with Authorities
5.6 Contact with Special Interest Groups
5.7 Threat Intelligence
5.8 Information Security in Project Management
5.9 Inventory of Information and Other Associated Assets
5.10 Acceptable use of Information and Other Associated Assets
5.11 Return of Assets
5.12 Classification of information
5.13 Labelling of Information
5.14 Information Transfer
5.15 Access Control
5.16 Identity Management
5.17 Authentication Information
5.18 Access Rights
5.19 Information Security in Supplier Relationships
5.20 Addressing Information Security Within Supplier Agreements
5.21 Managing Information Security in the ICT Supply Chain
5.22 Monitoring, Review and Change Management of Supplier Services
5.23 Information Security For The Use of Cloud Services
5.24 Information Security Incident Management Planning and Preparation
5.25 Assessment and Decision on Information Security Events
5.26 Response to IS Incidents
5.27 Learning from Information Security Incidents
5.28 Collection of Evidence
5.29 Information Security During Disruption
5.30 ICT Readiness for Business Continuity
5.31 Legal, Statutory, Regulatory and Contractual Requirements
5.32 Intellectual Property Rights
5.33 Protection of Records
5.34 Privacy and Protection of PII
5.35 Independent Review of Information Security
5.36 Compliance with Policies, Rules and Standards for Information Security
5.37 Documented Operating Procedures
ask a question

If you would like to know more about ISO Standards, Certification and the value of a good management system you can add to your business we would love to hear from you: Kent: 01892 800476 | London: 02037 458 476 | info@avisoconsultancy.co.uk

By filling out this form, you agree to the terms laid out in our privacy policy
Thank you!
Your submission has been received, one of our team members will be in touch soon.
Oops! Something went wrong while submitting the form.
ISO consultants kent
By clicking “Continue To Site”, you agree to the storing of cookies on your device to enhance site navigation, analyse site usage, and assist in our marketing efforts. View our Privacy Policy for more information.
Continue To Site