Annex A Policies list
May I know please why the policies list inside 08_Annex_A_Security_Controls Folder not listed under 3.2 Project Results in Project Plan Document?
Assign topic to the user
ISO 22301 DOCUMENTATION TOOLKIT
Step-by-step implementation for smaller companies.
Find out more 
ISO 22301 DOCUMENTATION TOOLKIT
Step-by-step implementation for smaller companies.
Find out more
ISO 22301 DOCUMENTATION TOOLKIT
Step-by-step implementation for smaller companies.
Find out more
I assume your question is related to our ISO 27001 Documentation Toolkit - the reason why these security policies are not listed in the Project plan is because first you have to complete your risk assessment in order to decide which of these policies will be needed.
In other words, not all of these security documents are needed - you should apply only the ones that are really needed to decrease your risks.
This article explains the logic: The basic logic of ISO 27001: How does information security work? https://advisera.com/27001academy/knowledgebase/the-basic-logic-of-iso-27001-how-does-information-security-work/
These materials will also help you regarding the flow of the implementation:
- Book Secure & Simple: A Small-Business Guide to Implementing ISO 27001 On Your
Own https://advisera.com/books/secure-and-simple-a-small-business-guide-to-implementing-iso-27001-on-your-own/
- Free online training ISO 27001 Foundations Course
https://advisera.com/training/iso-27001-foundations-course/
Comment as guest or Sign in
Jan 30, 2020