Guest
6.2 Information security goals and planning to achieve them
I have a question about the toolkit for ISO27001 (see below): Unfortunately I cannot find a document on the point in the templates
6.2 Information security goals and planning to achieve them
Is there a template for the mandatory document here?
Assign topic to the user
Expert
Rhand Leal
Aug 28, 2020
Please note that usually objectives are set at two levels:
- General ISMS level (for this you can use the Information Security Policy, located on folder 04 General Policies)
- Security controls (for this you can use the Statement of Applicability, located on folder 06 Applicability of Controls)
Regarding the Plan to achieve the objectives, you need the Risk Treatment plan, located on folder 07 Implementation Plan
For further information, see:
- ISO 27001 control objectives – Why are they important? https://advisera.com/27001academy/blog/2012/04/10/iso-27001-control-objectives-why-are-they-important/
Comment as guest or Sign in
Aug 28, 2020
Aug 28, 2020
Aug 28, 2020