richardk/iso27diy-corp
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Renamed some folders

Browse source
This commit is contained in:
Richard Kranendonk 2026-04-29 14:20:35 +02:00
parent 3542083f69
commit 3c800ae860
278 changed files with 113 additions and 113 deletions
Download patch file Download diff file Expand all files Collapse all files

8
Corpus/💡Drafts and Ideas/Dealing with a reported application vulnerability Log4j.md
View file

@ -32,16 +32,16 @@ Do an impact analyses and identify a treatment:
## Relevant ISO 27001 controls
The main control of interest here is [ISO 27001 A 12.6.1 Management of technical vulnerabilities](../Standards/ISO27x/archive/ISO%2027001%202013/ISO%2027001%20A%2012.6.1%20Management%20of%20technical%20vulnerabilities.md), which ensures timely awareness of vulnerabilities through [ISO 27001 A 6.1.4 Contact with special interest groups](../Standards/ISO27x/archive/ISO%2027001%202013/ISO%2027001%20A%206.1.4%20Contact%20with%20special%20interest%20groups.md), evaluation of an organizations exposure, and having set [ISO 27001 A 16.1.1 Responsibilities and procedures](../Standards/ISO27x/archive/ISO%2027001%202013/ISO%2027001%20A%2016.1.1%20Responsibilities%20and%20procedures.md) to enable a quick and effective response.
The main control of interest here is [ISO 27001 A 12.6.1 Management of technical vulnerabilities](../Standards/ISO27x/legacy/ISO%2027001%202013/ISO%2027001%20A%2012.6.1%20Management%20of%20technical%20vulnerabilities.md), which ensures timely awareness of vulnerabilities through [ISO 27001 A 6.1.4 Contact with special interest groups](../Standards/ISO27x/legacy/ISO%2027001%202013/ISO%2027001%20A%206.1.4%20Contact%20with%20special%20interest%20groups.md), evaluation of an organizations exposure, and having set [ISO 27001 A 16.1.1 Responsibilities and procedures](../Standards/ISO27x/legacy/ISO%2027001%202013/ISO%2027001%20A%2016.1.1%20Responsibilities%20and%20procedures.md) to enable a quick and effective response.
Stopping the gap:
- [[ISO 27001 A 13.1.1 Network controls]]
- [[ISO 27001 A 13.1.2 Security of network services]]
- [ISO 27001 A 12.5.1 Installation of software on operational systems](../Standards/ISO27x/archive/ISO%2027001%202013/ISO%2027001%20A%2012.5.1%20Installation%20of%20software%20on%20operational%20systems.md)
- [ISO 27001 A 12.5.1 Installation of software on operational systems](../Standards/ISO27x/legacy/ISO%2027001%202013/ISO%2027001%20A%2012.5.1%20Installation%20of%20software%20on%20operational%20systems.md)
Preventative measures:
- [ISO 27001 A 12.6.2 Restrictions on software installation](../Standards/ISO27x/archive/ISO%2027001%202013/ISO%2027001%20A%2012.6.2%20Restrictions%20on%20software%20installation.md)
- [ISO 27001 A 12.6.2 Restrictions on software installation](../Standards/ISO27x/legacy/ISO%2027001%202013/ISO%2027001%20A%2012.6.2%20Restrictions%20on%20software%20installation.md)
- [[ISO 27001 A 14.1.1 Information security requirements analysis and specification]]
- [[ISO 27001 14.2.1 Secure development policy]]
- [[ISO 27001 A 14.2.7 Outsourced development]]
- [ISO 27001 A 18 Compliance](../Standards/ISO27x/archive/ISO%2027001%202013/ISO%2027001%20A%2018%20Compliance.md) of systems
- [ISO 27001 A 18 Compliance](../Standards/ISO27x/legacy/ISO%2027001%202013/ISO%2027001%20A%2018%20Compliance.md) of systems