Table 6.

ISO/IEC controls classification for SCP ‘S2 Increase the Risks’.

| SCP Technique | Clause Type | ISO/IEC Control |
| --- | --- | --- |
| #06 Extend Guardianships | People | 6.08 Information security event reporting |
| #07 Assist natural surveillance | Organizational | 5.22 Monitoring, review, and change management of supplier services |
| #08 Reduce Anonymity | Organizational | 5.06 Contact with special interest groups |
| #08 Reduce Anonymity | People | 6.01 Screening |
| #08 Reduce Anonymity | Technological | 8.05 Secure authentication |
| #08 Reduce Anonymity | Organizational | 5.16 Identity management |
| #08 Reduce Anonymity | Organizational | 5.17 Authentication information |
| #09 Utilise Place Managers | Organizational | 5.02 Information security roles and responsibilities |
| #10 Strengthen Formal Surveillance | Organizational | 5.03 Segregation of duties |
| #10 Strengthen Formal Surveillance | Organizational | 5.07 Threat intelligence |
| #10 Strengthen Formal Surveillance | Organizational | 5.24 Information security incident management planning and preparation |
| #10 Strengthen Formal Surveillance | Organizational | 5.25 Assessment and decision on information security events |
| #10 Strengthen Formal Surveillance | Organizational | 5.28 Collection of evidence |
| #10 Strengthen Formal Surveillance | Physical | 7.04 Physical security monitoring |
| #10 Strengthen Formal Surveillance | Technological | 8.15 Logging |
| #10 Strengthen Formal Surveillance | Technological | 8.16 Monitoring activities |
| #10 Strengthen Formal Surveillance | Technological | 8.17 Clock synchronisation |