Expert Advice Community

A.6.1.5 Information security in project management

  Quote
Nika Created:   Nov 17, 2020 Last commented:   Nov 18, 2020

A.6.1.5 Information security in project management

My question is, do we have to consider Information security in project management separately. I mean we have already IT Security policy, and other policies, where we described how to work with information securely. Should it also stay in e.g. Project management Handbook? Or may be we can write in Project management Handbook: you have to follow these policies?   Thank you!

Assign topic to the user

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

Expert
Rhand Leal Nov 18, 2020

The need to consider Information security in project management separately will depend on the results of risk assessment and applicable legal requirements (e.g., laws, regulations, and contracts).
 
For example, some projects may require the implementation of technologies not used in your organization at large, so it would not make sense to write a corporate policy. Other projects, by force of contracts, may require that all information security is under project context. In case these situations do not occur, then you can make projects refer to the corporate documents  

For additional information, see:

Quote
0 0

Comment as guest or Sign in

HTML tags are not allowed

Nov 17, 2020

Nov 18, 2020

Suggested Topics