Expert Advice Community

Home / ISO 27001 & 22301 / Applicability of ISO procedures

Guest

Applicability of ISO procedures

ISO 27001 & 22301
  Quote
Guest
Guest user Created:   May 08, 2019 Last commented:   May 08, 2019

Applicability of ISO procedures

ISO 27001 & 22301
If I already wrote the ISO policies and procedures, how do I measure the applicability in practice? I mean to what extent people in the company ave applied them into practice?
0 0

Assign topic to the user

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.
Expert
Dejan Kosutic May 08, 2019

Answer:

If you want to find out if the employees are complying with the written rules, you have to find some evidence of what they are doing - for example, if your Backup Policy defines that the backup needs to be performed every 6 hours, then you have to look for the backup logs and see how often the backup is made.

The best method to verify is something is done is through an internal audit - here you will find a free online training to learn auditing techniques: ISO 27001 Internal Auditor Course https://advisera.com/training/iso-27001-internal-auditor-course/

Quote
0 0

Comment as guest or Sign in

HTML tags are not allowed

May 08, 2019

May 08, 2019

Suggested Topics
Guest user Created:   Jan 12, 2016 ISO 27001 & 22301
Replies: 1
0 0

Applicability of ISO 27001 procedures in scope with multiple departments
Guest user Created:   Aug 30, 2021 ISO 27001 & 22301
Replies: 1
0 0

Questions regarding ISO 27001 documentation