Expert Advice Community

Guest

Audit point

  Quote
Guest
Guest user Created:   Aug 03, 2022 Last commented:   Aug 03, 2022

Audit point

The auditor has indicated that there are a number of 2021 policies where we cannot demonstrate per date stamping in Conformio that the policies are valid/current in 2022. we don't want to change anything in the policies (e.g., information security policy), but how can we demonstrate that an older policy is still valid in 2022 given it is date stamped 2021.

Assign topic to the user

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

Expert
Rhand Leal Aug 03, 2022

I’m assuming that by date stamping you are referring to the version and date information included in the footer of each document.

In order to prove that the documents are still valid, you can show the auditor that these documents were reviewed by the document owner and considered fit for purpose without the need for changes.

As the evidence of review, you can show to the auditor that the document owner receives a periodic task to review and make changes (if necessary) every “x” months depending on what is defined in the properties within the document. The tasks look like this: https://prnt.sc/-8VvUNAzNGMJ

To access the list of tasks, please access the link “Responsibility Matrix” in the left panel on the Conformio Main screen. From there you can filter the task with “Recurring tasks”. 

For further information, see:

Quote
0 0

Comment as guest or Sign in

HTML tags are not allowed

Aug 03, 2022

Aug 03, 2022

Suggested Topics

Guest user Created:   Nov 25, 2022 ISO 27001 & 22301
Replies: 1
0 0

ISO27001 Toolkit materials

Guest user Created:   Nov 23, 2022 ISO 27001 & 22301
Replies: 1
0 0

Control A.18.1.2