ISO 27001-13 114 control
Hi, is there any list of processes and procedures which are aligned with ISO 27001-13 114 controls?
I mean, for example, the Access control policy: how many processes and procedures are good enough to be developed for this policy? The same goes for other domains.
There is no definitive answer about how many documents are "good enough" when we talk about ISO management systems because this depends on the unique context of each organization, results of risk assessment, and legal requirements.
Our toolkits contain an optimum number of documents for companies of up to 200 employees, so you normally would not need any additional documents, but an organization may have legal requirements demanding additional documents not directly related to the standard's requirements, or the most common controls adopted by organizations.
For example, the procedure for a penetration test is not commonly used, so it is not part of the toolkit, but you may have a contract with a customer requiring this specific document.
This article will provide you with a further explanation about developing documents:
- 8 criteria to decide which ISO 27001 policies and procedures to write https://advisera.com/27001academy/blog/2014/07/28/8-criteria-to-decide-which-iso-27001-policies-and-procedures-to-write/
May 03, 2020