Expert Advice Community

Add Further Reference Documents

Guest user Created:   Sep 02, 2022 Last commented:   Sep 02, 2022

Hi, firstly, thank you for creating a great product. We have a few further reference documents that we would like to include as part of the ISMS. These are related to our regulatory requirements; we should include the Australian Government's Information Security Manual (ISM) and Right Fit for Risk (RFFR). Can I please confirm the best way to add these two key documents?

Expert
Rhand Leal Sep 02, 2022

You can address these requirements in your ISMS by including the ISM and the RFFR as legal requirements in the Register of Requirements module.

In addition to including these requirements in the Register of Requirements, you need to implement the security controls related to them. These will be automatically identified in the Statement of Applicability when you define the information in the “To what area is this requirement related?” field in the Register of Requirements module for each entry.

Considering the ISM, suggested areas are “Specifying mandatory safeguards” or “Identification of stakeholders and security requirements”.

Considering the RFFR, the suggested area is “Risk Management”.
