What would be the reference for you to know who should have access to data/document?

ISO-IEC-27001 Lead Auditor V1 0 Comments

What would be the reference for you to know who should have access to data/document?
A . Data Classification Label
B . Access Control List (ACL)
C . Masterlist of Project Records (MLPR)
D . Information Rights Management (IRM)

Answer: B

Explanation:

The reference for you to know who should have access to data/document is the Access Control List (ACL), which is a list of users or groups who are authorized to access a specific data/document and their respective access rights (such as read, write, modify, delete, etc.). The ACL is a tool for implementing the access control policy of the organization, which is defined in accordance with ISO/IEC 27001:2022 clause 9.4.1. The ACL should be maintained and updated regularly to ensure that only authorized users can access the data/document.

Reference: [CQI & IRCA Certified ISO/IEC 27001:2022 Lead Auditor Training Course], [ISO/IEC 27001:2022 Information technology ― Security techniques ― Information security management systems ― Requirements]

Latest ISO-IEC-27001 Lead Auditor Dumps Valid Version with 100 Q&As

Latest And Valid Q&A | Instant Download | Once Fail, Full Refund

Instant Download ISO-IEC-27001 Lead Auditor PDF     ISO-IEC-27001 Lead Auditor Questions Online Training
Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments