Save 20% on accredited ISO 27001 course exams.
Limited-time offer – ends July 18, 2024
Use promo code:
EXAM20

Expert Advice Community

Guest

Clause 7.4 Communication Register

  Quote
Guest
Guest user Created:   Jun 06, 2023 Last commented:   Jun 06, 2023

Clause 7.4 Communication Register

Dear Team - how can we generate a communication register for the 7.4 clause? We were asked for Communication Register.

Assign topic to the user

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

Expert
Rhand Leal Jun 06, 2023

First is important to note that we do not recommend creating such a register.

Please note that ISO 27001 requires you to define a communication process, although there is no requirement that such a process must be documented.

Considering that, communication is an activity that is performed by many processes in information security according to ISO 27001, with different purposes. So, to have a centralized communication procedure would create an overhead for people responsible for communication with activities that may not be a part of their regular tasks.

That’s the reason there isn’t a specific template for clause 7.4.

The main documents in Conformio that define how communication needs to be done are:

  • the Information Security Policy
  • the Training Module
  • the Incident Management Procedure
  • the Disaster Recovery Plan

Additionally, most of the communication an organization performs is already registered through emails, Slack messages, etc. - so those can act as “registers”.

If you do want to create a separate Communication plan, then this article will provide you with further explanation about communication plan:

Quote
0 0

Comment as guest or Sign in

HTML tags are not allowed

Jun 06, 2023

Jun 06, 2023