When to use this
Use this register to document where cryptography is used and whether the chosen algorithm, protocol, and key parameters are appropriate.
Related controls
Register
| Use case | System/service | Protection need | Algorithm/protocol | Key length/parameters | Approved? | Owner | Review date | Notes |
|---|---|---|---|---|---|---|---|---|
| TBD | TBD | Confidentiality / Integrity / Authenticity / Non-repudiation | TBD | TBD | Yes/No | TBD | TBD | TBD |
Minimum checks
- Use case traces to risk or legal/business requirement.
- Algorithm/protocol is approved.
- Key length/parameters are suitable.
- Performance impact considered.
- Review date assigned.
- Template
- Iso27001
- Technological controls
- Cryptography
Note Metadata
Aliases: Cryptographic Use Case Register
Source: 90 Templates/Cryptographic Use Case and Algorithm Register.md
Related Notes
- Risk Assessment
- A.8.24 Audit Evidence Pack
- ISO 27001 A.8.24 - Use of Cryptography
- A.8 Technological Controls MOC
- A.8 Technological Controls Implementation Guide
- A.8 Technological Controls Audit Guide
- A.8 Technological Controls Implementation Audit Risk Mapping
- A.8.24 Audit Checklist
- Cryptographic Controls Policy
- Templates MOC