Conformio roles
My name is the only available user for the steps in Conformio. What other users/roles would you recommend that I add? (Or does that actually come later in the process? The guide says I should not skip any steps, but at the same time I feel I need some new roles and users in the system)
Assign topic to the user
ISO 27001 DOCUMENTATION TOOLKIT
Step-by-step implementation for smaller companies.
Find out more 
ISO 27001 DOCUMENTATION TOOLKIT
Step-by-step implementation for smaller companies.
Find out more
ISO 27001 DOCUMENTATION TOOLKIT
Step-by-step implementation for smaller companies.
Find out more
Please note that at any moment using Conformio you can click in the “Company setting” option in the left panel of your screen and access the link to “Job titles” to find a set of suggested roles to be included in your ISMS according to your needs (Company main executive, Information technology, Information security, Finance, Compliance, Marketing, Legal, Human resources, Office management, and Procurement).
For small companies, you should define at least the Company's main executive and Information security roles. For bigger companies, the roles to be selected will depend on the defined scope. In the case of a bigger company where all company is included in the Information Security scope, maybe you should use all roles.
An intermediary approach should consider the roles of the Company's main executive, Information technology, Information security, Finance, and Human resources, because they in general cover the most part of the scope. E.g., the HR roles can be responsible for employee’s training and awareness, Finance can be responsible for evaluating and approving security expenses.
Comment as guest or Sign in
Sep 02, 2023