This group includes ISO/IEC (former standard), . NBR ISO/ IEC – Information technology – Security techniques – Code of practice for . Download scientific diagram| C ´ odigo do Controle da NBR ISO/IEC from publication: Sistema de Monitoramento/Gerência de Recursos e de. 23 Apr ISO/IEC comprises ISO/IEC and ISO/IEC / Cor Its technical content is identical to that of ISO/IEC.

Author: Tokus Nisar
Country: Brazil
Language: English (Spanish)
Genre: Marketing
Published (Last): 28 March 2005
Pages: 366
PDF File Size: 6.94 Mb
ePub File Size: 11.12 Mb
ISBN: 777-3-50927-247-4
Downloads: 69675
Price: Free* [*Free Regsitration Required]
Uploader: Aragore

It is necessary to point out that the aim of the electronic signature kec not to make the document illegible, as the content itself is not encrypted, but rather idc increase the state of security of the signed document, in such a way so as to guarantee its confidentiality, integrity and availability.

At the moment, the great majority of laboratories make use, to a greater or lesser degree, of computerized media in order to store their documents. It is understood that the documents may be kept in the electronic media in a partial manner, however, when they are presented to clients, for example during audits etc.

This article needs additional citations for verification. These aspects are assessed in item 5.

These laboratories implement policies and procedures; however, they still feel insecure, in some way, as to how to meet all of these requirements, thereby giving rise to difficulties in the implementation of such. Note 3 of the same item considers “the document and its content as being a single entity “.

ISO/IEC – Wikipedia

However, a critical point in this in case is the control of versions. Finally, we will draw a conclusion with regards to the discussion. How to cite this article. For each of the controls, implementation guidance is provided.

ISO/IEC 27002

In order to work with electronic documents, we need to nr the mechanism of the electronic signature. The laboratory defines, in accordance with the Standard, how, and in what medium it shall keep its documents. The identification of the issuer can be made through the definition of isp access control. At present, the main disadvantage of using the electronic media for document control lies in the connection that such media has to technology.

ISO/IEC – Wikipédia, a enciclopédia livre

In this case, there are two types of access control: How are the main information systems defined, developed, implanted and updated, aiming at meeting the identified necessities? This discussion should not be interpreted as an additional requirement, nor should it be used as an integral part of the Standard. A definition accepted by the authors deems “an electronic document as being that which is memorized in a digital format, and which is not perceptible to the human eye without the intervention of a computer”[6].

All the contents of this journal, except where otherwise noted, is licensed under a Creative Commons Attribution License. A password to access the network environment; A password for the sharing of resources.

Among the advantages of computerized control is the possibility of increasing oso productivity and competitiveness of the laboratory. Retrieved 9 March September 05, ; Accepted: ISO standards by standard number.

This work will not broach the treatment given to the records requirement 4. During the internal and external assessments and audits, the size of the laboratory and the degree to which it is computerized must be taken into account: How is the integrity, the updating and the confidentiality of the information that is stored and made available assured? An inverse backup is normally provoked when a previous version has to be consulted, and this should be avoided.

See item i ; Attending to items a to h guarantees the adequacy of markers a. The maintenance of documents in the electronic media offers many advantages, including: Retrieved jso ” https: If the laboratory keeps a printed copy of a ice, or a copy in one of its computers, it would be advisable for them to present the systematic orientation that guarantees that the latest valid edition of the document is being used, in such a way so as to avoid the revision being kept within its system from being different to that being kept at the original source of such document.

Abnt Nbr Iso Iec 27002 Pdf Download

The aim of this paper is to discuss the control of documents stored in the electronic 117799, adopting requirement 4. In this context, software, data bases, texts, images, as well as the information accessed via the Internet: The definition of a document. A system of document control must be able to generate, issue, receive, store or process information in some other manner, while at the same time trying to maintain the integrity of the documents.

That is, how the laboratory makes the documents available in such cases, and how it assures that the valid editions are used. Coutinho’s sample involved the consideration of the reports of all the assessments nr out between and Please help improve this article by adding citations to reliable lso. Among the resources offered by such software are: July 29, ; Revised: In practice, this flexibility gives users a lot of latitude to adopt the information security controls that make sense to them, but makes it unsuitable for the relatively straightforward compliance testing implicit in most formal certification schemes.

The does not present a definition of an electronic document.