- Acronis
- Aruba Networks
- Assuria
- Barracuda
- Boldon James
- C2C
- Check Point
- Cryptocard
- eSoft
- Extreme Networks
- ForeScout NAC & IPS
- Formscan
- id Quantique
- Juniper Networks
- Loglogic
- Lumension
- McAfee
- Mirapoint
- Mycroft Talisen
- Safend
- SecurEnvoy
- SmoothWall
- Stonesoft
- Symantec
- Trend Micro
- Vasco
- Watchguard
- Websense
- Business Support
- IT Security Awareness
- IT Security Consultancy
- ISO27001 GAP Analysis
- Penetration Testing
- Web Application Test
- Database Security
- Wireless Security
- Social Engineering
- Forensics
- Information Systems Security Assessment
- IT Security Standards Compliance Assessment Service
- Service Management
- Physical Security
A-6-2 External parties
Objective: To maintain the security of the organization’s information and information processing facilities that are accessed, processed, communicated to, or managed by external parties.
A.6.2.1 Identification of risks related to external parties
Control
The risks to the organization’s information and information processing facilities from business processes involving external parties shall be identified and appropriate controls implemented before granting access.
A.6.2.2 Addressing security when dealing with customers
Control
All identified security requirements shall be addressed before giving customers access to the organization’s information or assets.
A.6.2.3 Addressing security in third party agreements
Control
Agreements with third parties involving accessing, processing, communicating or managing the organization’s information or information processing facilities, or adding products or services to information processing facilities shall cover all relevant security requirements.
© Copyright Castleforce 2007-2010. Web design by Theme Group