Assign topic to the user
In fact ISO 27001 requirements have never prescribed the development of an ISMS Manual, and for good reasons. If you put all the policies and procedures into a single document, this will make the reading of such document very difficult. Additionally, the standard already has a requirement for a document that describe how a company will implement its information security – it is called Statement of Applicability.
This article will provide you further explanation about ISMS Manual:
- Is the ISO 27001 Manual really necessary? https://advisera.com/27001academy/blog/2014/02/03/is-the-iso-27001-manual-really-necessary/
This material will also help you regarding ISMS documentation:
- Managing ISO Documentation: A Plain English Guide https://advisera.com/books/managing-iso-documentation-plain-english-guide/
Comment as guest or Sign in
Aug 21, 2019