Please select user.
There are no topics yet.
We have bought the toolkit (German version) and I have one question:
Which parts and elements are needed within the documentation and description of interfaces and dependencies from “outside” services in connection with the scope of the ISMS. We have identified several interfaces to parties which are not directly included in the scope of the ISMS. For example:
So what is needed to describe these interfaces?
Regarding 27001 Toolkit\08_Annex_A_Security_Controls\A.14_System_Acquisition_Development_and_Maintenance:
We do not do any software development. Is it safe to say that we do not need to complete this Policy and Appendix on Specification o Requirements? If so, do we note this elsewhere in the documentation?