Guest user Created: Sep 06, 2018 Last commented: Sep 06, 2018

Segregation duties

We have the 27001&22301 Premium Documentation Toolkit, and have enjoyed using your templates. I can't see any reference to A.6.1.2 Segregation of Duties. I'm told that we need a policy to cover this. Can you offer any advice on where to find a template.

0 0

Assign topic to the user

Select user

Guest

Antonio Jose Segovia Sep 06, 2018

Answer: I am sorry, we don’t have a template for the segregation of duties, because this is not a mandatory document according to ISO 27001. Anyway, to implement this control, basically you need:

1. Identification of functions that are indispensable to the organization’s activities
2.- Division of the function into separate steps
3.- Definition of one or more segregation principles to be applied to the functions

For more information, please see this article “Segregation of duties in your ISMS according to ISO 27001 A.6.1.2” : https://advisera.com/27001academy/blog/2016/11/21/segregation-of-duties-in-your-isms-according-to-iso-27001-a-6-1-2/

Quote

0 0

Comment as guest or Sign in

HTML tags are not allowed

Name *

Email *

I accept the Privacy and Terms

Notify me when someone replies

Sep 06, 2018

Expert Advice Community