Expert Advice Community

Guest

Appointment letters

  Quote
Guest
Guest user Created:   Sep 04, 2020 Last commented:   Sep 07, 2020

Appointment letters

Hello Dejan. we've created an ISO Team for our ISO 27001:2013 implementation project. That being said, is it required for our HR to issue us appointment letters given that the ISO Team members' responsibilities are different from their typical job? For example, we've trained some of our employees to become Internal Auditors but their original responsibilities do not include auditing (Finance Officers, etc).

0 0

Assign topic to the user

Assign

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

Expert
Rhand Leal Sep 04, 2020

During the implementation phase, the definition of responsibilities inside the project team structure would be enough (i.e., a project document defining who is the project manager, who are the team members, tasks to be performed and who is responsible for them, etc.).

After the implementation, it may be necessary to update the documents you use to define roles, responsibilities, and required competencies (e.g., job descriptions, policies, procedures, training plans, etc.). In general, these documents are identified and updated during the implementation phase.

These articles will provide you a further explanation about definitions of roles and responsibilities:

Quote
0 1
Guest
Christian Vergel Moreni Sep 07, 2020

Thank you, Rhand! 

Quote
0 0

Comment as guest or Sign in

HTML tags are not allowed

Sep 04, 2020

Sep 07, 2020