ISO/IEC 27001 Control 5.25: Assessment and decision on information security events


The organization should assess information security events and decide if they are to be categorized as information security incidents.

Necessity of MidPoint

MidPoint's contribution to implementation of this control is marginal.

Implementation of the control is mostly outside the scope of identity governance and administration (IGA), therefore midPoint cannot provide significant advantage. However, midPoint can still provide minor supporting information and functionality.

Implementation Overview

MidPoint can provide supplementary information for security event classification.

Implementation Details

MidPoint can provide supplementary information for classification of security events. E.g. midPoint can provide information whether a user with compromised credentials had access to any systems, or whether the user was inactive. Application inventory can provide overview whether any users had access to vulnerable applications, and it can also provide hints whether vulnerable application was used at all.

Was this page helpful?
Thanks for your feedback