Guest
Guest
Create New Topic As guest or Sign in
Assign topic to the user
-
Contradictions between Toolkits and video tutorials
We are confused and ask for your clarification upon the found subject contradiction between ISO 27000 video tutorial 103: ISMS Policy and the Integrated ISO 27000/EU GDPR Toolkit.
The video tutorial is focused on the Information Security Management System Policy implementation based on a document template from the Toolkit. However, in the Integrated ISO 27000/EU GDPR Toolkit there is a document named Information Security Policy Integrated which content differs from that shown in the tutorial. ISMS Policy template is missing in Conformio too.
There is no video tutorial available for Information Security Policy implementation.
Are those policies different? Please be so kind to clarify the content contradiction between those two sources.
-
Document content
I’m watching the “How to Write ISO 27001 Procedure for Corrective and Preventive Action” video tutorial, and there our document is missing parts that he demonstrates is in his document. For example, the 3.1 introduction is not in our document.
-
Question about documents
Hi all,
1 - Are documents covered by the document control policy only security-related E.g. regulation, or is it any company document?
2 - Is there a clear definition of external documents? The concept seems nebulous. Maybe a sample policy we can look at with some examples of what other organizations do may help.
3 - For example, an email is an external document, so would someone be tasked to archive them somewhere in this policy?