Templates for human resources security
Assign topic to the user
ISO 27001 DOCUMENTATION TOOLKIT
Step-by-step implementation for smaller companies.
Find out more 
ISO 27001 DOCUMENTATION TOOLKIT
Step-by-step implementation for smaller companies.
Find out more
ISO 27001 DOCUMENTATION TOOLKIT
Step-by-step implementation for smaller companies.
Find out more
Answer: In the list of documents file that comes with the toolkit you bought you can identify which clauses from ISO 27001 are covered by each template. In there you will find out that:
- Control A.7.1.1 (Screening) is covered by template "Supplier Security Policy" for external personnel
- Control A.7.1.2 (Terms and conditions of employment) is covered by templates "Confidentiality Statement", "Statement of Acceptance of ISMS Documents", applicable to both internal and external personnel, "Supplier Security Policy", and "Security Clauses for Suppliers and Partners", these last two applicable for external personnel
- Control A.7.2.2 (Information security awareness, education and training) is covered by template"Supplier Security Policy" for external personnel, and template "Training and awareness plan" for internal personnel
- Control A.7.2.3 (Disciplinar y process) is covered by template "Incident Management Procedure"
All these templates are found on:
- folder 09 Training and Awareness Plan (Training and awareness plan)
- folder 08 Annex A, sub-folder A.7 Human resource security (Confidentiality Statement and Statement of Acceptance of ISMS Documents)
- folder 08 Annex A, A.15 Supplier relationships (Supplier Security Policy and Security Clauses for Suppliers and Partners)
Regarding control A.7.2.1 (Management responsibility), responsibilities are defined in each template when required (these responsibilities definition are identified by the expression [job title] you have to fulfil in the templates).
Regarding the control 7.3.1 (Termination or change of employment responsibilities), the compliance with this control is covered through the description in Statement of Applicability (e.g., by the applicability of the access control policy).
But if you have this specific need, or other doubts you want to solve, you can schedule a meeting with one of our experts (this meeting is also included in the toolkit you bought), so he can help you with this issue. To schedule a meeting, please access this link: https://advisera.com/27001academy/consultation/
Comment as guest or Sign in
Sep 19, 2017