Take the ISO 27001 course exam and get the EU GDPR course exam for free
LIMITED-TIME OFFER – VALID UNTIL SEPTEMBER 30, 2021

Expert Advice Community

Guest

Annex A section 5.1

  Quote
Guest
Guest user Created:   Mar 18, 2021 Last commented:   Mar 18, 2021

Annex A section 5.1

I have had one of our ISO reviewers internally – asking why we don’t have Annex A section 5.1 (5.1.1 and 5.1.2) documents as part of the kit we purchased, or if these are covered in other sections?

0 0

Assign topic to the user

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

Expert
Rhand Leal Mar 18, 2021

Controls A.5.1.1 and A.5.1.2 are covered by ca 20 policies and procedures you can find in folder "08 Annex A" - it does not make sense to have a specific document focused only on these two controls.

Additionally, is important to understand that ISO 27001 does not require every applicable control to be a separate document. In some cases, you only need to make a brief description of how it is implemented, and you can do that in our SoA template, in the column "Implementation Method".

This article will provide you a further explanation about the Statement of Applicability:
- How to structure the documents for ISO 27001 Annex A controls https://advisera.com/27001academy/blog/2014/11/03/how-to-structure-the-documents-for-iso-27001-annex-a-controls/

Quote
0 0

Comment as guest or Sign in

HTML tags are not allowed

Mar 18, 2021

Mar 18, 2021

Suggested Topics