I work for a small company (33 employees) that is ISO 27001 and 27701 certified. We use SharePoint for document storage. Version control is documented manually on every procedure, policy, template, checklist, and training material in our company. In other words every time we update a process or materially change the content, we increment the version number, list the change, the date, and who approved it in the document. Each team has a Controlled Documents List to manage the documents for their team. This process is quite labor intensive, as we track changes and keep historical versions of each document, etc. It really is impeding the progress of keeping our documents up to date. With all this in mind, we are thinking of simplifying the process for documents that are not directly related to ISMS and PIMS. For example, is all this really necessary for the Sales Team process to create a proposal or for the Customer Care Team process to provide support for a customer using our software?
Assign topic to the user
In case the Sales and Customer Care processes are not part of the ISMS / PIMS certification scope you can simplify the document management process.
Please note that reducing the scope does not threaten the cause (manual work), only the symptom (excess of work).
For a definitive solution you should consider an automatized solution for document management. In this case, I suggest you take a look at our Conformio solution for the implementation and management of an ISMS. It has document management features that can help you manage your documents.
- Conformio (online tool for ISO 27001) https://advisera.com/conformio/
For further information, see:
- Top 5 features of your online ISO 27001 document management system https://advisera.com/conformio/blog/2020/08/13/top-5-features-of-your-online-iso-27001-document-management-system/
Comment as guest or Sign in
Sep 29, 2022