Get 4 FREE months of Conformio to implement ISO 27001

Expert Advice Community

Guest

Conformio roles

  Quote
Guest
Guest user Created:   Sep 02, 2023 Last commented:   Sep 02, 2023

Conformio roles

My name is the only available user for the steps in Conformio. What other users/roles would you recommend that I add? (Or does that actually come later in the process? The guide says I should not skip any steps, but at the same time I feel I need some new roles and users in the system)

Assign topic to the user

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

Expert
Rhand Leal Sep 02, 2023

Please note that at any moment using Conformio you can click in the “Company setting” option in the left panel of your screen and access the link to “Job titles” to find a set of suggested roles to be included in your ISMS according to your needs (Company main executive, Information technology, Information security, Finance, Compliance, Marketing, Legal, Human resources, Office management, and Procurement).

For small companies, you should define at least the Company's main executive and Information security roles. For bigger companies, the roles to be selected will depend on the defined scope. In the case of a bigger company where all company is included in the Information Security scope, maybe you should use all roles. 

An intermediary approach should consider the roles of the Company's main executive, Information technology, Information security, Finance, and Human resources, because they in general cover the most part of the scope. E.g., the HR roles can be responsible for employee’s training and awareness, Finance can be responsible for evaluating and approving security expenses.

Quote
0 0

Comment as guest or Sign in

HTML tags are not allowed

Sep 02, 2023

Sep 02, 2023