CYBERINFO

Control 5.6: Contact with Special Interest Groups (ISO/IEC 27001:2022, Annex A)


Summary

This control requires the organization to establish and maintain contact with special interest groups, specialist security forums and professional associations. Staying engaged with the wider security community gives early warning of new vulnerabilities, attack techniques and patches, access to specialist advice, and a channel for exchanging good practice with peers.


Applicability

In-Scope: Applicable to practically every organization. It is highly beneficial for threat intelligence and continual improvement, and it lets specialists validate their knowledge against industry peers and stay current with changes to the ISO/IEC 27001 standard itself.

Out-of-Scope: Rarely excluded. Very small companies may handle it informally (for example, one person following vendor security advisories and a national CERT mailing list), but for a specialist-led ISMS it is a key input to the improvement phase, and any exclusion must be justified in the Statement of Applicability.


Implementation Guidance

Microsoft 365 / Entra ID

  • Knowledge Sharing: Use a Microsoft Teams channel as an internal Security Community of Practice where insights from external groups (advisories, conference talks, ISAC bulletins) are posted and discussed, so that the contact is visible and retained rather than staying in one person's inbox.

  • Threat Intelligence: Ingest indicator feeds published by industry groups (e.g., ISACs) into Microsoft Sentinel, for example through its STIX/TAXII threat-intelligence data connector, and build analytics rules that match those indicators against sign-in, DNS and network logs, so that newly shared intelligence produces detections without manual re-keying. Drop indicators that the publisher revokes or whose validity window has passed; stale entries are the usual source of false positives from shared feeds.

  • Professional Development: Record memberships in bodies such as ISC2 (for CISSP holders) or PECB (for Lead Auditors), together with renewal dates and continuing-education (CPE) obligations, in the HR system or a SharePoint list so that lapses are visible before they happen.
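
Sentinel performs the indicator matching described above inside the SIEM once a TAXII feed is connected. To show what that step actually involves when it runs offline, the following Python is an added example, not code from this page or from Microsoft: it parses a constructed STIX 2.1 bundle of the kind an ISAC TAXII server returns, discards revoked and expired indicators, and matches the remaining observables against constructed sign-in and DNS log lines. Every identifier, address, domain and log line in it is made up for illustration; the pattern parser is an assumption that handles only simple `type:value = '...'` comparisons, which is enough for typical IP and domain indicators but not for the full STIX pattern language.

```python
"""Match STIX 2.1 indicators from an ISAC-style feed against local log lines.
Added example; all bundle contents and log lines are constructed, not real."""
import json
import re
from datetime import datetime, timezone

# Constructed STIX 2.1 bundle. IDs, addresses and domains are illustrative only
# (addresses come from the RFC 5737 documentation ranges).
SAMPLE_BUNDLE = json.dumps({
    "type": "bundle", "id": "bundle--11111111-1111-4111-8111-111111111111",
    "objects": [
        {   # current indicator, single comparison
            "type": "indicator", "spec_version": "2.1", "pattern_type": "stix",
            "id": "indicator--aaaaaaaa-0000-4000-8000-000000000001",
            "pattern": "[ipv4-addr:value = '203.0.113.45']",
            "valid_from": "2024-05-01T00:00:00Z"},
        {   # current indicator, two comparisons joined by OR
            "type": "indicator", "spec_version": "2.1", "pattern_type": "stix",
            "id": "indicator--aaaaaaaa-0000-4000-8000-000000000002",
            "pattern": "[domain-name:value = 'login-portal.example' OR "
                       "domain-name:value = 'sso-verify.example']",
            "valid_from": "2024-05-01T00:00:00Z"},
        {   # expired: valid_until is in the past, must not produce alerts
            "type": "indicator", "spec_version": "2.1", "pattern_type": "stix",
            "id": "indicator--aaaaaaaa-0000-4000-8000-000000000003",
            "pattern": "[ipv4-addr:value = '198.51.100.9']",
            "valid_from": "2023-01-01T00:00:00Z", "valid_until": "2023-03-01T00:00:00Z"},
        {   # revoked by the publisher, must not produce alerts
            "type": "indicator", "spec_version": "2.1", "pattern_type": "stix",
            "id": "indicator--aaaaaaaa-0000-4000-8000-000000000004",
            "pattern": "[ipv4-addr:value = '192.0.2.77']",
            "valid_from": "2024-01-01T00:00:00Z", "revoked": True},
    ],
})

# Constructed log lines: "<timestamp> <user> <observable> <outcome>"
SAMPLE_SIGNIN_LOG = """\
2024-05-06T08:02:11Z alice@contoso.example 203.0.113.45 Failure
2024-05-06T08:02:15Z alice@contoso.example 203.0.113.45 Failure
2024-05-06T08:10:02Z bob@contoso.example 198.51.100.9 Success
2024-05-06T09:41:30Z carol@contoso.example 192.0.2.77 Success
2024-05-06T10:05:44Z dave@contoso.example 10.20.30.40 Success
"""
SAMPLE_DNS_LOG = """\
2024-05-06T08:01:50Z alice@contoso.example sso-verify.example NOERROR
2024-05-06T08:30:00Z erin@contoso.example intranet.contoso.example NOERROR
"""

# Evaluation time used by the stand-alone run and the checks below (constructed).
DEMO_NOW = datetime(2024, 5, 6, 12, 0, tzinfo=timezone.utc)

# Assumption: only simple comparisons "<type>:value = '<literal>'" are parsed.
# Real feeds may use AND, REPEATS or other properties; those need a full parser.
_COMPARISON = re.compile(
    r"(ipv4-addr|ipv6-addr|domain-name|url):value\s*=\s*'([^']+)'")


def _parse_ts(value):
    """Parse a STIX timestamp ending in 'Z' (Python < 3.11 needs the +00:00 form)."""
    return datetime.fromisoformat(value.replace("Z", "+00:00"))


def load_active_indicators(bundle_json, now):
    """Return {observable_value: indicator_id} for indicators valid at `now`.
    Revoked and expired indicators are skipped so they cannot raise alerts."""
    active = {}
    for obj in json.loads(bundle_json)["objects"]:
        if obj.get("type") != "indicator" or obj.get("revoked", False):
            continue
        if obj.get("pattern_type", "stix") != "stix":
            continue
        if now < _parse_ts(obj["valid_from"]):
            continue
        if "valid_until" in obj and now >= _parse_ts(obj["valid_until"]):
            continue
        for _obs_type, value in _COMPARISON.findall(obj["pattern"]):
            active[value.lower()] = obj["id"]
    return active


def match_log(log_text, indicators, field=2):
    """Return one hit per log line whose whitespace-separated `field` is an
    active indicator; malformed lines are ignored rather than raising."""
    hits = []
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) <= field:
            continue
        indicator_id = indicators.get(parts[field].lower())
        if indicator_id:
            hits.append({"time": parts[0], "user": parts[1],
                         "observable": parts[field], "indicator": indicator_id})
    return hits


if __name__ == "__main__":
    active = load_active_indicators(SAMPLE_BUNDLE, DEMO_NOW)
    for hit in match_log(SAMPLE_SIGNIN_LOG, active) + match_log(SAMPLE_DNS_LOG, active):
        print(hit)
```

Run as written, only alice's two failed sign-ins from 203.0.113.45 and her lookup of sso-verify.example are reported; bob's and carol's sessions are not, because their indicators are expired and revoked respectively. That is the property to test when the feed is wired into a real SIEM: an indicator the publisher withdraws must stop matching, or the "automated defense" turns into an automated source of noise.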


Evidence Checklist

  • Membership Records: Evidence of active memberships in security forums or associations.

  • Conference/Webinar Attendance: Certificates or emails confirming participation in industry-led security sessions.

  • Information Sharing: Change records, Sentinel analytics rules or Teams messages showing that a specific piece of external intelligence (an advisory, an indicator-feed update, a peer's incident write-up) led to an update of an internal control.


Practical Audit Advice

Here are some questions the auditor might ask:

  • Which specific professional groups or forums does the organization use to stay informed about new vulnerabilities?

  • How is the information gathered from these special interest groups filtered and turned into actionable security improvements?

  • Can you provide an example of a recent threat or trend identified by an external group that led to a change in your security posture?

  • How do you ensure that the specialists within your team maintain their professional certifications and industry ties?