ISO 27001 requires organizations to implement an Information Security Management System (ISMS) with controls for asset management, logging, and incident response. DNS records are critical information assets, and ZoneWatcher provides the monitoring and audit capabilities your ISMS needs.
DNS Records as Information Assets
ISO 27001 starts with identifying and managing your information assets. Your DNS records control where your traffic goes, who receives your email, and how your services are verified. A modified MX record can redirect email to an attacker. A changed A record can take your application offline. These records deserve the same level of monitoring and control as any other critical asset in your ISMS.
Relevant Annex A Controls
A.5.9 — Inventory of Information and Other Associated Assets
ZoneWatcher automatically discovers and inventories all DNS records across your connected providers. As records are added, modified, or removed, your inventory stays current without manual updates. This gives you a living asset register for your DNS infrastructure.
A.8.15 — Logging
Every DNS change detected by ZoneWatcher is logged with full detail: what changed, from what value to what value, and when. These logs are retained and available for review during internal audits and certification assessments.
A.8.16 — Monitoring Activities
Continuous automated monitoring of DNS records, WHOIS data, and TLS certificates satisfies the requirement for ongoing monitoring activities. ZoneWatcher checks your records on a regular schedule and alerts your team through email, Slack, Microsoft Teams, or Discord when deviations are detected.
A.5.24 — Information Security Incident Management Planning
Real-time alerting on unauthorized DNS changes provides early detection of potential security incidents like domain hijacking. Your incident response team is notified immediately, enabling faster triage and response. The change history also supports post-incident analysis.
Supporting Your Certification
During an ISO 27001 certification audit, assessors look for evidence that your controls are implemented and operating effectively. ZoneWatcher provides:
An automated, up-to-date inventory of DNS assets across all your providers
A historical record of all changes detected, with timestamps and details
Evidence that monitoring is continuous, not periodic or manual
Proof of alerting capability through configurable notification channels
Backup and recovery capability through DNS record exports
This evidence is generated automatically as part of normal operations. There's no separate evidence collection process to manage before an audit.
Continuous Improvement
ISO 27001 emphasizes continual improvement of your ISMS. ZoneWatcher's ongoing monitoring helps you identify patterns in DNS changes over time, whether that's frequent modifications to specific records, unexpected changes during off-hours, or certificates being issued for subdomains you don't recognize. These insights feed directly into your risk assessment and improvement cycles.
Ready to get started? Start your free trial today.
