Risk Assessment and Risk and Control Self-Assessment
Use of logo
Mandatory documents
ISMS objectives
Residual risks
Audit to the area of operations
Secure System Engg Principles
My Organization is ISO 9001 certified and CMMI L3 certified. Currently we are implementing ISO 27001.
This question is regarding, Secure system engg principles. Can we have the SDLC document(which we have for 9001) for secure system engg principles. Is this enough or do we need to derive a new one?
Please advice.