Please select user.
There are no topics yet.
Can you explain how document 14.1 should be filled out? I understand that there's some relationship to the risks listed in document 5.1, but I'm not sure which assets are required to be listed in document 14.1.
To be more specific, we're running a SAAS company with at least these three types of information systems:
Software used in internal development.
The software that we develop. Note that the version of this software changes as we're developing it.
The software that runs in the production environment.
I'm not sure which ones of these should be listed in 14.1.
In the toolkit purchased, there is no policy template for control A.10.1.2 (Key management). I would appreciate it if a document were provided. Thank you.
I’m in the process of writing an Incident Response Plan Policy. Our company purchased the 27001 Documentation Toolkit and I only saw the IRP Procedure. Do you have a IRP Policy somewhere in this toolkit that I can’t find or do I have to purchase this separately?
Can you please help me to find my HR Policy and Awareness? I couldn't locate it in the templates.