Get 2 Documentation Toolkits for the price of 1
Limited-time offer – ends March 28, 2024

Expert Advice Community

Guest

Add Further Reference Documents

  Quote
Guest
Guest user Created:   Sep 02, 2022 Last commented:   Sep 02, 2022

Add Further Reference Documents

Hi firstly, thank you for creating a great product. We have a few further reference documents that we would like to include as part of the ISMS. These are related to our regulatory requirements, we should include the Australian Governments Information Security Manual (ISM) and Right Fit for Risk (RFFR). Can I please confirm the best way to add these two key documents?

Assign topic to the user

ISO 27001 PROCEDURE FOR IDENTIFICATION OF REQUIREMENTS

Basics of identification of interested parties and their requirements.

ISO 27001 PROCEDURE FOR IDENTIFICATION OF REQUIREMENTS

Basics of identification of interested parties and their requirements.

Expert
Rhand Leal Sep 02, 2022

You can address these requirements in your ISMS by including the ISM and the RFRR as legal requirements in the Register of Requirements module.

In addition to including these requirements in the Register of Requirements, you need to implement the security controls related to them. These will be automatically identified in the Statement of Applicability when you define the information in the “To what area is this requirement related?” field in the Register of Requirements module for each entry.

Considering the ISM, suggested areas are “Specifying mandatory safeguards” or “Identification of stakeholders and security requirements”.

Considering the RFFR, the suggested area is “Risk Management”.

Quote
0 1

Comment as guest or Sign in

HTML tags are not allowed

Sep 02, 2022

Sep 02, 2022