Content of ISO 27001 & EU GDPR Toolkit
I’m assuming the information you provided is from the List of documents file from the ISO 27001 toolkit (ISO 27000 is not a certifiable standard).
Considering that, the Incident Management Procedure document is mandatory only if control A.16.1.5 Response to information security incidents is deemed applicable.
Considering the ISO 27001 & EU GDPR Toolkit, the document you should look for is the Data Breach Response and Notification Procedure, which covers the same requirements as the Incident Management Procedure, and also GDPR Articles 4(12), 33, and 34. This is document 14.A.16, item 85, in the List of documents file from the ISO 27001 & EU GDPR Toolkit.
Dec 21, 2021