One Article Review

Home - The article:
Source: NoticeBored
Identifier: 2148824
Publication date: 2020-11-15 10:43:57 (viewed: 2021-01-06 20:37:56)
Title: NBlog Nov 15 - the trouble with dropping controls
Text: I literally don't understand a question that came up on the ISO27k Forum this week. A member asked: 'Should a control be discontinued because a reassessment showed a lower acceptable risk score?' I find it interesting to pick apart the question to explore the reasons why I don't understand it, and the implications. See what you think ...

Any control may legitimately be 'discontinued' (removed, unimplemented, retired, replaced, modified etc.) provided that change has been duly thought-through, assessed, justified, and deemed appropriate for whatever reasons. It may be important, though, to be reasonably certain that discontinuation is, in fact, in the best interests of the organization, and that's often hard to determine as controls can be quite complex in themselves, and are part of a highly complex 'control environment'.

A seemingly trivial, unimportant, even redundant control (such as an alert) might turn out to be critical under specific circumstances (where other alerts fail, or were accidentally disabled, or were actively and deliberately bypassed by an attacker or fraudster). So, it may be preferable to 'suspend' the control for a while, pending a review to determine what the effects truly are … since it is probably easier and quicker to reinstate a 'suspended' control if needs be, than it would have been if the control was completely removed and trashed.

A dubious firewall rule, for example, might be set to 'warn and log only', rather than simply being dropped from the ruleset, the reverse o
Sent: Yes


The article does not appear to have been picked up again after its publication.


The article does not appear to have been picked up from an earlier one.