5.1 Leadership and commitment
1. What Template in our Toolkit contains this Clause?
2. Can we be compliant with this clause maintaining our Information Security Policy? If yes, what shall we give emphasis on apart from company Policies and guidelines?
1. What Template in our Toolkit contains this Clause?
Please note that leadership and commitment requirements are systemic, not limited to a single document, so they are embedded in several documents in the toolkit such as:
- Information security policy
- Training and awareness plan
- Management review
For further information see:
- Roles and responsibilities of top management in ISO 27001 and ISO 22301 https://advisera.com/27001academy/blog/2014/06/09/roles-and-responsibilities-of-top-management-in-iso-27001-and-iso-22301/
2. Can we be compliant with this clause maintaining our Information Security Policy? If yes, what shall we give emphasis on apart from company Policies and guidelines?
As mentioned in the previous answer, the Information Security Policy is only one of the documents you need to implement to be compliant with ISO 27001 leadership and commitment requirements.
Other issues you have to consider are:
- Determine information security objectives
- Determine the main responsibilities related to ISMS
- Communicate the ISMS importance
- Provide all the necessary resources
- Perform management review
Apr 29, 2020