ISO/IEC 27000 Outsourced Development, v2022
Specifies requirements in accordance with the security and privacy controls specified by ISO/IEC Publication 27001:2022, related to outsourced development.
Assessment Step
|
1
Outsourced Development (OutsourcedDevelopment)
Does the organization direct, monitor, and review the activities related to outsourced system development?
Artifact
A1
Provide evidence (e.g. organizational policies, procedures, compliance/assessment reports, etc.) and supporting notes as appropriate to support the assessor's response to this assessment step.
|
Conformance Criteria (1)
|
Outsourced Development
The organization shall direct, monitor and review the activities related to outsourced system development.
Citations
27001
Annex A, Control 8.30
27002
Section 8.30
|