Avoid the dreaded auditor's smirk: Smart policies and procedures for the hybrid cloud

When you get to a certain age, and you've been in the IT industry for enough years, you start to get an idea of what auditors are looking for when they descend on you and ask you pointed questions about your systems. And I don't just mean security auditors: if your company has an annual financial audit the team which comes to …

  1. Anonymous Coward

    In summary..

    Use the index of ISO 27001 as a guide and you'll be right as rain.

    But that would make for a shorter article :).

    1. Alistair

      Re: In summary..

      Shhhh.

      All those "security training seminar" sales folk will be hunting you down if you keep this up.

      1. Anonymous Coward

        Re: In summary..

        Nah, I stopped that racket a while back (because it really is a racket), and you're talking to someone who used BS7799 when it was still in draft. The one to watch is ISO 27001, but you can't certify against that because that would actually be *effective*. No, you can only get certified against having a system in place (ISO 27002), which is unaffordable for smaller companies - see where that is going?
