Documents required from support/CSM perspective
Could you advise what documents would be required from a support/CSM perspective, please
Assign topic to the user
I’m assuming that by CSM you mean Customer Support Management.
Considering that, to be compliant with ISO 27001, besides the mandatory documents and records, to define which documents would be required, you would need to consider elements like:
- relevant risks
- compliance with legal requirements (e.g., laws, regulations, and contracts)
- company size
- process importance, complexity, and maturity
- number of people involved
- frequency of use
For example, regarding compliance with legal requirements, there might be a customer requirement to classify data exchanged through customer service which you would cover through Classification Policy, or there might be a regulation which requires the protection of customer personal data with encryption which you would cover through Encryption Policy.
This article will provide you a further explanation about which document to develop:
- 8 criteria to decide which ISO 27001 policies and procedures to write https://advisera.com/27001academy/blog/2014/07/28/8-criteria-to-decide-which-iso-27001-policies-and-procedures-to-write/
This article will provide you information about ISO 27001 mandatory documents and records, as well as the most commonly used documents:
- List of mandatory documents required by ISO 27001 (2013 revision) https://advisera.com/27001academy/knowledgebase/list-of-mandatory-documents-required-by-iso-27001-2013-revision/
Comment as guest or Sign in
Oct 20, 2021