Forum Discussion
ISO/IEC 27001 ISMS in SharePoint Online - Mapping controls to risks
After some guidance on an approach to the following challenge please... I'd like to extend the very basic functionality of a simple risk register SP list by recording existing or required ISO 270...
I'm in the process of looking at moving from my older excel templates to something a bit more usable within SP. I'm also involved in a project looking at mapping other standards too, as part of defining security standards relevant to education settings ... so whatever I have within SP needs to be able to flow out to external resources.
PowerAutomate is pretty useful for flowing actions / data out of SP to other resources - there's a bunch of connectors to other systems if simple email isnt sufficient.
As far as mapping to other standards, I'm sure you're aware that there's already heaps of resources available for mapping controls - just be aware that many these mappings forget that ISO 27001 is more than just the controls in Annex A. The management system processes in clauses 4 - 10 also need to be mapped...
As far as mapping to other standards, I'm sure you're aware that there's already heaps of resources available for mapping controls - just be aware that many these mappings forget that ISO 27001 is more than just the controls in Annex A. The management system processes in clauses 4 - 10 also need to be mapped...