Compliance questionnaire

Guest user Created:   Apr 26, 2018 Last commented:   Apr 26, 2018

I am writing an academic paper (article) on information security, for which I have to prepare a questionnaire to analyze how well the information security practices adopted in companies adhere to the ISO 27002 standard.
Expert
Rhand Leal Apr 26, 2018

Could you please give some guidance on how to formulate this questionnaire?

(I am doing an academic paper (Article) on information security in which I have to prepare a questionnaire with the purpose of analyzing the adherence of information security adopted in companies with ISO 27002.

Could you please give guidance on how to formulate this questionnaire?)

Answer: Basically you have to identify for each control what is required (generally an action followed by the word "should") and formulate a question based on it.

For example, for control 5.1.1 (Policies for information security), the requirement is:

"A set of policies for information security should be defined, approved by management, published and communicated to employees and relevant external parties."

So a proper question would be "Are there policies for information security defined, approved by management, published and communicated to relevant parties?"

For reference, I suggest you take a look at our ISO 27001 Gap Analysis Tool at this link: https://advisera.com/27001academy/free-iso-27001-gap-analysis-tool/