A.5 Information Security Policies
Why are there no templates in the Toolkit for the controls under A.5 Information Security Policies? I would have expected to find these in the folder A.6_Organization_of_Information_Security.
Assign topic to the user
ISO 27001 DOCUMENTATION TOOLKIT
Step-by-step implementation for smaller companies.
Find out more 
ISO 27001 DOCUMENTATION TOOLKIT
Step-by-step implementation for smaller companies.
Find out more
ISO 27001 DOCUMENTATION TOOLKIT
Step-by-step implementation for smaller companies.
Find out more
The documents from section A.5 are not missing from the toolkit – you can find them here:
- A.5 – all the documents from folder “08 Annex A” cover the requirements about information security policies (A.5.1.1 and A.5.1.2)
Included in the toolkit there is a List of Documents file that shows which documents cover which clauses of the standard.
Hi,
There is nothing from A.5 in the folder "08 Annex A". And also the List of Documents starts at A.6 under "08 Annex A..."
First of all, I'm sorry about this confusion.
Please note that the link between the controls from section A.5 and the documents in folder 08 Annex A is stated in the Statement of Applicability document, located on folder 06 Applicability of Controls:
- Implementation method for control A.5.1.1: "All policies referred to below in this column." (i.e. the Information Security Policy, and policies included in folder 08 Annex A)
- Implementation method for control A.5.1.2: "Each policy has a designated owner who has to review the document at planned interval
Comment as guest or Sign in
Jul 21, 2020