Conducting implementation/audit using ISO 27001 and ISO 27701 simultaneously
How does one conduct an implementation / an audit using ISO 27001 and ISO 27701 simultaneously?
Please note that ISO 27701 was developed as an extension of ISO 27001 and ISO 27002. Considering that, the material already developed for ISO 27001 implementation/audit would need to undergo some adjustments to incorporate ISO 27701 aspects.
Our ISO 27001 toolkit is approximately 80% compliant with ISO 27701. The remaining 20% refers to small adjustments to include the protection of privacy in the context of the documents (e.g., where a document states “information security”, it now should state “information security and privacy”, and applicable controls should consider complementary privacy protection measures), and the inclusion of applicable controls specifically developed for ISO 27701 (a total of 49 controls). To see what the documents in the toolkit look like, please access this link: https://advisera.com/27001academy/iso-27001-documentation-toolkit/
For further information, read:
- Relationship between ISO 27701, ISO 27001, and ISO 27002 https://advisera.com/27001academy/blog/2019/12/10/relationship-between-iso-27701-iso-27001-and-iso-27002/
These articles will provide you with further explanation of ISO 27001:
- What is ISO 27001 https://advisera.com/27001academy/what-is-iso-27001/
- Where to start from with ISO 27001 https://advisera.com/27001academy/knowledgebase/iso-27001-where-to-start-most-important-materials/
These materials will also help you regarding ISO 27001:
- Book Secure & Simple: A Small-Business Guide to Implementing ISO 27001 On Your Own https://advisera.com/books/secure-and-simple-a-small-business-guide-to-implementing-iso-27001-on-your-own/
- ISO 27001 Free online training ISO 27001 Foundations Course https://advisera.com/training/iso-27001-foundations-course/
Feb 05, 2021