Guest user Created: Mar 07, 2019 Last commented: Mar 07, 2019

The Statement of Acceptance of ISMS System Documents

The Statement of Acceptance of ISMS System Documents. Can you please supply a consolidated list of policies the auditor requires each employee to sign for?

0 0

Assign topic to the user

Select user

Expert

Rhand Leal Mar 07, 2019

Answer:

First is important to understand that this Statement:
- is necessary only if they have found risks or some other reason to use it
- is not necessary if you have some other way to prove that the documents were read by employees (e.g., through a document management system)

Considering that, the auditor's role is to verify if documents comply with the standard's requirements and if people's activities and process comply with what was documented, so the auditor will not require employees to sign this or that policy, but will check if they understand the policies, procedures and documents that are listed in the Statement of Acceptance of ISMS System Documents.

As for which documents to include in the statement, you have to include all documents from the toolkit you implemented.

This article may provide you further information:
- Which questions will the ISO 27001 certificatio n auditor ask? https://advisera.com/27001academy/blog/2015/07/20/which-questions-will-the-iso-27001-certification-auditor-ask/

Quote

0 0

Comment as guest or Sign in

HTML tags are not allowed

Name *

Email *

I accept the Privacy and Terms

Notify me when someone replies

Mar 07, 2019

Expert Advice Community