For A11.2.7 in the new standard do we need to keep a record of erasure/reuse of equipment?
Risk assessment & treatment and Statement of Applicability
ISO 27001 Lead Auditor Course
Implementation of A.14.3.1 and A.14.2.5 controls
Supplier policy and risk assessment & treatment
Actions to address risks and oportunities - 6.1.1 General
In the documentation toolkit where is documented the requirements described in clause 6.1.1 General (Actions to address risks and opportunities) ? Auditor will probably check the compliance with this requirement.