Compliance Reports: International Standardization Organization 27002 (ISO 27002)

Document created by RSA Information Design and Development on May 25, 2016
Last modified by RSA Information Design and Development on Nov 15, 2018
Version 169
ISO 27002 establishes guidelines and general principles for initiating, implementing, maintaining and improving information security management in an organization. ISO 27002 is used as the foundation and technical guideline for many international and industry compliance standards, and its controls are generally good practice for all organizations.

Dependencies

The ISO 27002 compliance reports have the following dependencies.

SA Rules
Accounts Created
Accounts Deleted
Accounts Disabled
Accounts Modified
Admin Access to Compliance Systems Details
Admin Access to Compliance Systems Summary
Antivirus Signature Update
Change in Audit Settings
Encryption Failures
Encryption Key Generation and Changes
Failed Escalation of Privileges Details
Failed Escalation of Privileges Summary
Failed Remote Access Details
Failed Remote Access Summary
Firewall Configuration Changes
Firmware Changes on Wireless Devices
Logon Failures Details
Logon Failures Summary
Password Changes
Password Changes Summary
Router Configuration Changes
Successful Escalation of Privileges Details
Successful Escalation of Privileges Summary
Successful Remote Access Details
Successful Remote Access Summary
Successful Use of Encryption
System Clock Synchronization
User Access Revoked
User Access to Compliance Systems Details
User Access to Compliance Systems Summary
User Session Terminated Summary

SA Lists
Administrative Users
Compliance Systems

App Rules
account:created
account:deleted
account:disabled
account:modified
account:logon-success
av:signature-update
config:change-audit-setting
encryption:failures
encryption:key-gen-and-changes
access:privilege-escalation-failure
access:remote-failure
access:remote-success
config:fw-config-changes
config:firmware-config-changes
account:logon-failure
account:password-change
config:router-change
access:privilege-escalation-success
alm:system-clock-synch
access:user-access-revoked
account:logout

Citations

The ISO 27002 reports have the following Citations.

Report Rule | Citation Number | Citation Description
--- | --- | ---
Accounts Created | 11.2.1 | A formal process should be in place for the granting and revoking of access to information systems.
Accounts Deleted | 11.2.1 | A formal process should be in place for the granting and revoking of access to information systems.
Accounts Modified | 11.2.1 | A formal process should be in place for the granting and revoking of access to information systems.
Antivirus Signature Update | 10.4.1 | The software should be set up to automatically download and update signature files to ensure the protection is kept up to date.
Change in Audit Settings | 12.52, 12.53 | When the operating system is changed, all critical applications should be tested and reviewed to ensure there are no adverse impacts on operations or security.
Encryption Failures | 15.1.6 | Cryptographic controls should be in compliance with all laws and regulations.
Key Generation and Changes | 12.3.2 | Key-management techniques should be in place. All keys should be protected against modification, loss, destruction, and unauthorized disclosure.
Escalation of Privileges - Detail | 10.10.4 | All activities by System Administrators and System Operators should be logged.
Escalation of Privileges - Top 25 | 10.10.4 | All activities by System Administrators and System Operators should be logged.
Failed Remote Access - Detail | 11.7.2 | Operational procedures and plans should be developed for use by teleworking employees.
Failed Remote Access - Top 25 | 11.7.2 | Operational procedures and plans should be developed for use by teleworking employees.
Firewall Configuration Changes | 12.52, 12.53 | When the operating system is changed, all critical applications should be tested and reviewed to ensure there are no adverse impacts on operations or security.
Firmware Changes Wireless Devices | 12.52, 12.53 | When the operating system is changed, all critical applications should be tested and reviewed to ensure there are no adverse impacts on operations or security.
Logon Failures - Detail | 11.5.1 | All successful and unsuccessful logon attempts should be recorded.
Logon Failures - Top 25 | 11.5.1 | All successful and unsuccessful logon attempts should be recorded.
Password Changes - Detail | 11.3.1 | Passwords should be changed on a regular basis and when there is an indication of compromise.
Password Changes - Top 25 | 11.3.1 | Passwords should be changed on a regular basis and when there is an indication of compromise.
Router Configuration Changes | 12.52, 12.53 | When the operating system is changed, all critical applications should be tested and reviewed to ensure there are no adverse impacts on operations or security.
Admin Access to Compliance Systems - Detail | 11.5.1 | All successful and unsuccessful logon attempts should be recorded.
Admin Access to Compliance Systems - Top 25 | 11.5.1 | All successful and unsuccessful logon attempts should be recorded.
Successful Remote Access - Detail | 11.7.2 | Operational procedures and plans should be developed for use by teleworking employees.
Successful Remote Access - Top 25 | 11.7.2 | Operational procedures and plans should be developed for use by teleworking employees.
Successful Use of Encryption | 15.1.6 | Cryptographic controls should be in compliance with all laws and regulations.
User Access to Compliance Systems - Detail | 11.5.1 | All successful and unsuccessful logon attempts should be recorded.
User Access to Compliance Systems - Top 25 | 11.5.1 | All successful and unsuccessful logon attempts should be recorded.
System Clock Synchronization | 10.10.6 | All system clocks should be automatically synchronized with an accurate time source.
User Access Revoked | 11.2.1 | A formal process should be in place for the granting and revoking of access to information systems.
Account Management | 11.2.1 | A formal process should be in place for the granting and revoking of access to information systems.
User Session Terminated - Top 25 | 11.5.5 | Inactive sessions should be shut down after a period of time.