Exception process
Would you know if the exception process in an information classification policy can be a manual process?
Assign topic to the user
ISO 22301 DOCUMENTATION TOOLKIT
Step-by-step implementation for smaller companies.
Find out more 
ISO 22301 DOCUMENTATION TOOLKIT
Step-by-step implementation for smaller companies.
Find out more
ISO 22301 DOCUMENTATION TOOLKIT
Step-by-step implementation for smaller companies.
Find out more
ISO 27001 does not prescribe how exceptions in the ISMS management and operation must be handled, so you can use a manual process to handle exceptions in an information classification policy. You only have to take care that such exceptions do not compromise the fulfillment of the standard's requirements because this would lead to nonconformities.
These materials will help you regarding ISO 27001 requirements:
- Book Secure & Simple: A Small-Business Guide to Implementing ISO 27001 On Your Own https://advisera.com/books/secure-and-simple-a-small-business-guide-to-implementing-iso-27001-on-your-own/
- Free online training ISO 27001 Foundations Course https://advisera.com/training/iso-27001-foundations-course/
Comment as guest or Sign in
May 08, 2020