Comments

3 comments

  • Erkang Zheng

    Have you seen this? https://github.com/JupiterOne/security-policy-templates/blob/master/templates/standards/iso-iec-27002.json

    You can copy/paste that as a compliance standard in your JupiterOne account.  You may need to update your own mappings for policy procedures and queries.

  • Troy Szafalowicz

    Hi Erkang,

    No I haven't seen this yet, we are still in the very early implementation stages.  While this is certainly great to help us get up and running, it would still be nice to have ISO27001 as a pre-mapped Compliance Framework in J1 like the other offered frameworks.

    Thanks for the tip!

    Troy

  • Troy Szafalowicz

    Hi Erkang, just a friendly heads up that the JupiterOne Github ISO 27002 document linked above is referencing the 2005 version of the framework. 

    ISO 27002 was updated in 2013 which re-ordered many of the sections and revised a ton of content when compared to the 2005 version.  We recently had to revise/modify the .JSON we used from that linked Github page in order to use the 2013 version of the framework.

    Thank you!

     

Please sign in to leave a comment.