capacity planning procedure - A.10.3.1 (ISO 27001:2005)?
Can anybody share capacity planning procedure which can address A.10.3.1 (ISO 27001:2005)?
Answers (2)
Chetan A
Assistant Manager - Quality at Jubilant Biosys Ltd. / QMS and ISMS Lead Auditor
February 26, 2008
Please refer http://www.teamquest.com/pdfs/whitepaper/tqwp23.pdf
Regards,
Chetan Anand.
Links:
Anthony P
Information Security Specialist Lead at Freddie Mac [TonyPangilinan AT gmail DOT com]
Best Answers in: Information Security (2), Regulation and Compliance (1), Personal Debt Management (1)
Hi Vani,
In addition to the good resource that Chetan Anand has pointed out for you, please consider the IT Control Objectives as presented in CobiT 4.1. The section that you will want to pay close attention is to DS3 (Deliver and Support | Manage Performance and Capacity) which maps directly to ISO/IEC 27001:2005.
If you are a member of ISACA you should be able to download the latest version of CobiT 4.1 from their web site. I hope this helps answer your question.
Kind regards,
Tony
