Expert Advice Community

Guest

Change management

  Quote
Guest
Guest user Created:   Sep 17, 2020 Last commented:   Sep 17, 2020

Change management

May I ask if change management is required by ISO 27001? If yes, could you please share your resources with me?

0 0

Assign topic to the user

Assign

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

Expert
Rhand Leal Sep 17, 2020

First is important to note that change management exists in ISO 27001 as one control from its Annex A (control A.12.1.2 Change management), but it can be excluded under certain conditions.

Provided that your organization does not have relevant risks or legal requirements (e.g., laws, regulations, or contracts) that require the implementation of change management, it is possible to be certified against ISO 27001 without implementing this control.

To see how a change management document compliant with ISO 27001 looks like, please see the demo on this link: https://advisera.com/27001academy/01academy/emy/ademy/my/documentation/change-management-policy/

These articles will provide you a further explanation about the definition of controls and change management:

Quote
0 0

Comment as guest or Sign in

HTML tags are not allowed

Sep 17, 2020

Sep 17, 2020

Suggested Topics

Guest user Created:   Jul 01, 2020 ISO 27001 & 22301
Replies: 1
0 0

Change management process

Guest user Created:   May 08, 2020 ISO 27001 & 22301
Replies: 1
0 0

Change management policy

Guest user Created:   Feb 18, 2020 ISO 27001 & 22301
Replies: 1
0 0

Change management