Identity and Access Management
Book
MidPoint
- Compliance
  - ISO 27001
    - 5.1
    - 5.2
    - 5.3
    - 5.4
    - 5.5
    - 5.6
    - 5.7
    - 5.8
    - 5.9
    - 5.10
    - 5.11
    - 5.12
    - 5.13
    - 5.14
    - 5.15
    - 5.16
    - 5.17
    - 5.18
    - 5.19
    - 5.20
    - 5.21
    - 5.22
    - 5.23
    - 5.24
    - 5.25
    - 5.26
    - 5.27
    - 5.28
    - 5.29
    - 5.30
    - 5.31
    - 5.32
    - 5.33
    - 5.34
    - 5.35
    - 5.36
    - 5.37
    - 6.1
    - 6.2
    - 6.3
    - 6.4
    - 6.5
    - 6.6
    - 6.7
    - 6.8
    - 7.1
    - 7.2
    - 7.3
    - 7.4
    - 7.5
    - 7.6
    - 7.7
    - 7.8
    - 7.9
    - 7.10
    - 7.11
    - 7.12
    - 7.13
    - 7.14
Identity Connectors
Support
Trainings
Evolveum
Community
Library
Case Studies
Talks
Glossary
Frequently Asked Questions
About

ISO/IEC 27001 Control 5.35: Independent review of information security

Control

The organization’s approach to managing information security and its implementation including people, processes and technologies should be reviewed independently at planned intervals, or when significant changes occur.

Necessity of MidPoint

MidPoint is not applicable for implementation of this control.

Implementation of the control is completely outside the scope of identity governance and administration (IGA).

Rationale

This is purely organizational control, dealing with organization of independent reviews and audits. The control is concerned with legislation, processes and policies on a level far above the technical measures provided by midPoint.

Was this page helpful?

YES NO

Thanks for your feedback

ISO/IEC 27001 Control 5.35: Independent review of information security

Control

Necessity of MidPoint

Rationale

Related Controls