Guest
ISO 27001 statutory requirements
How can I meet the ISO 27001 statutory requirements acceptably, within the reasonable resources at my disposal?
Expert
Rhand Leal
Jul 16, 2020
To fulfill ISO 27001 mandatory requirements (e.g., defining the ISMS scope, the Information security policy, performing an internal audit, etc.) and keep required controls to a minimum, you should follow these principles:
- create only the documents you really need
- avoid unnecessary content in required documents (let the documents be written by the employees who will be using those documents in day-to-day operations)
- keep all people in the scope aware of the ISMS and its importance
- keep documentation updated
- regularly measure the results to be sure you have achieved your goals (or to implement needed adjustments)
These articles will provide you with a further explanation of ISO 27001 implementation:
- 5 ways to avoid overhead with ISO 27001 (and keep the costs down) https://advisera.com/27001academy/blog/2012/06/19/5-ways-to-avoid-overhead-with-iso-27001-and-keep-the-costs-down/
- ISO 27001 implementation checklist https://advisera.com/27001academy/knowledgebase/iso-27001-implementation-checklist/
- Where to start from with ISO 27001 https://advisera.com/27001academy/knowledgebase/iso-27001-where-to-start-most-important-materials/
These materials will also help you regarding ISO 27001 implementation:
- Book Secure & Simple: A Small-Business Guide to Implementing ISO 27001 On Your Own https://advisera.com/books/secure-and-simple-a-small-business-guide-to-implementing-iso-27001-on-your-own/
- ISO 27001 Foundations Course https://advisera.com/training/iso-27001-foundations-course/