Expert Advice Community

Guest

Clause 7.4 Communication Register

  Quote
Guest
Guest user Created:   Jun 06, 2023 Last commented:   Jun 06, 2023

Clause 7.4 Communication Register

Dear Team - how can we generate a communication register for the 7.4 clause? We were asked for Communication Register.

Assign topic to the user

ISO 27001 ISMS SCOPE DOCUMENT

Define the boundaries of ISMS for ISO 27001.

ISO 27001 ISMS SCOPE DOCUMENT

Define the boundaries of ISMS for ISO 27001.

Expert
Rhand Leal Jun 06, 2023

First is important to note that we do not recommend creating such a register.

Please note that ISO 27001 requires you to define a communication process, although there is no requirement that such a process must be documented.

Considering that, communication is an activity that is performed by many processes in information security according to ISO 27001, with different purposes. So, to have a centralized communication procedure would create an overhead for people responsible for communication with activities that may not be a part of their regular tasks.

That’s the reason there isn’t a specific template for clause 7.4.

The main documents in Conformio that define how communication needs to be done are:

  • the Information Security Policy
  • the Training Module
  • the Incident Management Procedure
  • the Disaster Recovery Plan

Additionally, most of the communication an organization performs is already registered through emails, Slack messages, etc. - so those can act as “registers”.

If you do want to create a separate Communication plan, then this article will provide you with further explanation about communication plan:

Quote
0 0

Comment as guest or Sign in

HTML tags are not allowed

Jun 06, 2023

Jun 06, 2023