Clause 4.1 and 7.5

Guest user Created:   Jan 12, 2016 Last commented:   Jan 12, 2016

AntonioS Jan 12, 2016

Please explain clause 4.1 and 7.5. The problem is that our company has only three employees (including me) and I don't get the big picture of this clause 7.5.

Answer:

Sure, I will give you two interesting articles:
Regarding clause 4.1 Understanding the organization and its context, you can read this article “Explanation of ISO 27001:2013 clause 4.1 (Understanding the organization)”: https://advisera.com/27001academy/knowledgebase/how-to-define-context-of-the-organization-according-to-iso-27001/
Regarding clause 7.5 Documented information, you can read this article “Document management in ISO 27001 & BS 25999-2”: https://advisera.com/27001academy/blog/2010/03/30/document-management-within-iso-27001-bs-25999-2/
Finally, related to your final question “I don't get the big picture of this clause 7.5”: This clause (7.5) is related to the management of documents (you need to establish these controls for each document: identification, description, review and approval for suitability and adequacy, format, control of changes, access control, distribution, storage, retention, disposition, control of external documents). And as you know, there are some mandatory documents (if not, please read this article “List of mandatory documents required by ISO 27001 (2013 revision)”: https://advisera.com/27001academy/knowledgebase/list-of-mandatory-documents-required-by-iso-27001-2013-revision/), so independently of the size of your business, you need to implement documents, and for them you need to establish the controls that I have mentioned before.
