Combining the ISO 27001 policies into one manual
Assign topic to the user
Although it is acceptable by the standard to combine all of the ISO27001 documents into one manual handbook, in most cases, it is not a good idea, because if you put all the policies and procedures into a single document this will make the reading of such a document very difficult.
Regarding version control and review, they would be performed the same way if documents are separately documented, but updated information will be consolidated in a single document.
This article will provide you a further explanation about ISMS Manual:
- Is the ISO 27001 Manual really necessary? https://advisera.com/27001academy/blog/2014/02/03/is-the-iso-27001-manual-really-necessary/
This material will also help you regarding ISMS documentation:
- Managing ISO Documentation: A Plain English Guide https://advisera.com/books/managing-iso-documentation-plain-english-guide/
Comment as guest or Sign in
Oct 29, 2021