Security controls from ISO 27001 can be a helpful guide for TL 9000 implementation

Ensuring the security of products and infrastructure is part of the TL9000 requirements. The ISO standard on information security can be a helpful reference for organizations and auditors. The ISO 27001 standard provides a list of security controls, and ISO 27002 provides implementation guidance for those controls. Organizations can pick and choose the controls relevant to their products and/or services.

Key words in TL9000 (section 7.1) related to security are:

  • Security risk assessment by identifying threats and vulnerabilities
  • Product design should consider safeguarding from such threats and vulnerabilities
  • Implement operational controls in the operational environment
  • Include security risk assessment in the change control process

Here are some commonly used controls from ISO 27001:2013 Annex A that can be helpful for organizations implementing TL9000. Most of these controls are simple common sense. You do not need a security or IT expert to implement them.

For questions, contact Subrata Guha.

One Response to “Security controls from ISO 27001 can be a helpful guide for TL 9000 implementation”

October 06, 2018 at 5:35 am, Sobhana123 said:

Hi. ISO 27001 Certification provides the information security management system. It is helpful to all organizations.
ISO 9001 Certification in New Zealand
