Screening requirement
Can I use a sampling method to meet the personal screening requirement of ISO 27001:2013?
Please note that if control A.7.1.1 (screening) from ISO 27001 is applicable to your ISMS, then you have to apply it to all candidates for employment (by sampling candidates you will not be fulfilling the requirements for the control).
What you can do to minimize effort is to apply screening only to roles that are related to unacceptable risks, or where legal requirements require the screening to be performed. Additionally, you can perform the screening only at late stages of the hiring process, when you will have fewer candidates to evaluate.
This article will provide you with further explanation:
- How to perform background checks according to ISO 27001 https://advisera.com/27001academy/blog/2018/03/26/how-to-perform-background-checks-according-to-iso-27001/
Feb 06, 2020