ISO 27001 Implementation Committee
I was hoping to ask which parts of an organization would sit on the ISO 27001 Implementation Committee for a company.
HR / Legal / IT representatives / Security personnel, for example.
ISO 27001 does not prescribe how an organization must define its information security structure, only that relevant responsibilities related to information must be defined, so organizations are free to define them as they see fit.
Considering this, your suggested areas are acceptable if your organization is a small or medium one (i.e., up to 500 employees). Please note that a committee's role is most related to making decisions about implementation steps, not executing them (this is part of the implementation team's responsibilities).
This article will provide you with further explanation about responsibilities in an ISO 27001 implementation project:
- RACI matrix for ISO 27001 implementation project https://advisera.com/27001academy/blog/2018/11/05/raci-matrix-for-iso-27001-implementation-project/
These materials will also help you regarding the ISO 27001 implementation project:
- Preparations for the ISO Implementation Project: A Plain English Guide https://advisera.com/books/preparations-for-the-iso-implementation-project-a-plain-english-guide/
- Free online training ISO 27001 Foundations Course https://advisera.com/training/iso-27001-foundations-course/
Nov 21, 2019