1. Please confirm the following versions of the Mandatory Documents the latest/current versions: ISO 27001 – ver 3.9, 2020-02-10
2. Within the ISO 27001 Documentation Toolkit List See attachment 27001A
- No. 57, Doc Code 10, Internal Audit Procedure: This does not have a green check mark as a Mandatory Document, however No. 58 and 59 Appendix 1 and 2 has a green check mark for a mandatory document. Should the Procedure for Internal Audit be checked as a mandatory document? See attachment 27001A Screenshot 1.
- No. 21 – 25, although these are not checked as a Mandatory Document, do we still need to create policies for them and all other documents/appendixes that are not checked as well? See screenshot 2. This question would apply to ISO 20000 Document Toolkit as well?