Skip to main content

πŸ’Ό 5.10 Acceptable use of information and other associated assets

  • Contextual name: πŸ’Ό 5.10 Acceptable use of information and other associated assets
  • ID: /frameworks/iso-iec-27001-2022/05/10
  • Located in: πŸ’Ό 5 Organizational controls

Description​

Rules for the acceptable use and procedures for handling information and other associated assets shall be identified, documented and implemented.

Similar​

  • Internal
    • ID: dec-c-9a621695

Sub Sections​

SectionSub SectionsInternal RulesPoliciesFlags

Policies (14)​

PolicyLogic CountFlags
πŸ“ AWS Account Root User has active access keys 🟒1🟒 x6
πŸ“ AWS IAM Server Certificate is expired 🟒1🟒 x6
πŸ“ AWS IAM User with console and programmatic access set during the initial creation 🟒🟒 x3
πŸ“ AWS RDS Instance is publicly accessible and in an unrestricted public subnet 🟒1🟒 x6
πŸ“ AWS S3 Bucket is not configured to block public access 🟒1🟒 x6
πŸ“ AWS S3 Bucket MFA Delete is not enabled 🟠🟒1🟠 x1, 🟒 x6
πŸ“ Azure App Service Authentication is disabled and Basic Authentication is enabled 🟒1🟒 x6
πŸ“ Azure App Service Basic Authentication is enabled 🟒🟒 x3
πŸ“ Azure Non-RBAC Key Vault stores Keys without expiration date 🟒1🟒 x6
πŸ“ Azure Non-RBAC Key Vault stores Secrets without expiration date 🟒1🟒 x6
πŸ“ Azure RBAC Key Vault stores Keys without expiration date 🟒1🟒 x6
πŸ“ Azure RBAC Key Vault stores Secrets without expiration date 🟒1🟒 x6
πŸ“ Azure SQL Database allows ingress from 0.0.0.0/0 (ANY IP) 🟒1🟒 x6
πŸ“ Azure Storage Account Trusted Azure Services are not enabled as networking exceptions 🟒1🟒 x6

Internal Rules​

RulePoliciesFlags
βœ‰οΈ dec-x-0a7801fb1
βœ‰οΈ dec-x-0feec7902
βœ‰οΈ dec-x-12a853391
βœ‰οΈ dec-x-82ca41272
βœ‰οΈ dec-x-0289e9c91
βœ‰οΈ dec-x-3179d53c1
βœ‰οΈ dec-x-b10e98af1
βœ‰οΈ dec-x-ca52f63a2
βœ‰οΈ dec-x-ec547a7c1
βœ‰οΈ dec-x-f937c35f1
βœ‰οΈ dec-z-bb7312921