SPRING DISCOUNT
Get 30% off on toolkits, course exams, and books.
Limited-time offer – ends May 26, 2022
Use promo code:
SPRING30

Expert Advice Community

Guest

Confidentially statement

  Quote
Guest
Guest user Created:   Feb 28, 2022 Last commented:   Feb 28, 2022

Confidentially statement

Within the mandatory doc list, it is essential to provide the Confidentiality Statement doc. Within the Confidentiality Statement Doc it asks you to re word the confidentiality statement if just for employees, to say the following: If this Confidentiality Statement is signed by employees, replace this text with "... I will share confidential information only in accordance with the Policy for Handling Classified Information and other documents of [organization name]." But…. The Information Classification Policy is not mandatory. Please can you advise?
0 0

Assign topic to the user

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

Expert
Rhand Leal Feb 28, 2022

Please note that the controls related to the Information Classification Policy do not require any documentation to be written, so you can have a Policy for Handling Classified Information implemented only as a set of practices that everyone knows and follows. For example, you can simply define that all your information is classified as restricted and include this information in the Statement of Applicability, as an implementation method, without the need to write a specific policy document.

This article will provide you a further explanation about information classification:

These materials will also help you regarding information labeling:

Quote
0 0

Comment as guest or Sign in

HTML tags are not allowed

Feb 28, 2022

Feb 28, 2022