Guest post Created: Jan 12, 2016 Last commented: Jan 12, 2016

7.2 Competence

According to Clause 7.2 Competence - ISO 27001-13 a)determine the necessary competence of person(s) doing work under its control that affects its information security performance; d) retain appropriate documented information as evidence of competence. For example the competence of CISO would affect its IS performance so should it be recorded,what type of information should be documented Eagerly awaiting replys, Thanks, Itommy

0 0

Assign topic to the user

Select user

Guest

DejanK Jan 12, 2016

Itommy,

Example of necessary competence could be a training plan, while example of evidence of competence could be a certificate issued at the training.

See also this article: How to perform training & awareness for ISO 27001 and ISO 22301 https://advisera.com/27001academy/blog/2014/05/19/how-to-perform-training-awareness-for-iso-27001-and-iso-22301/

Quote

0 0

Comment as guest or Sign in

HTML tags are not allowed

Name *

Email *

I accept the Privacy and Terms

Notify me when someone replies

Jan 12, 2016

Expert Advice Community

7.2 Competence

7.2 Competence

Assign topic to the user

Comment as guest or Sign in

Suggested Topics

Is clause 7.2 Competences of personnel mandatory in ISO 22301?

Mandatory and non-mandatory documents

ISO 27001 clause 7