Checklist of Mandatory Documentation Required by ISO/IEC 27001 (2013 Revision)
I was checking this White paper: Checklist of Mandatory Documentation Required by ISO/IEC 27001 (2013 Revision)
On page 2 it refers to Definition of security roles and responsibilities A.7.1.2, A.13.2.4
Is there a mistake in the reference?
Please note that requirements in the main section of the standard (sections 4 to 10) related to roles and responsibilities do not require these to be documented.
On the other hand, to fulfill controls A.7.1.2, A.13.2.4, the roles and responsibilities need to be documented.
This article will provide you with further explanation about the documentation of roles and responsibilities:
- How to document roles and responsibilities according to ISO 27001 https://advisera.com/27001academy/blog/2016/06/20/how-to-document-roles-and-responsibilities-according-to-iso-27001/
May 22, 2020