Content of ISO 27001 & EU GDPR Toolkit
which is a mandatory document for ISO 27000. Could you confirm please that it´s not a mistake?
In our company, we have our documentation for GDPR and ISO 27000 but we would like to improve it on our own using your templates and maybe be able to offer it to help some of our clients where possible. Assign topic to the user
ISO 27001 DOCUMENTATION TOOLKIT
Step-by-step implementation for smaller companies.
Find out more 
ISO 27001 DOCUMENTATION TOOLKIT
Step-by-step implementation for smaller companies.
Find out more
ISO 27001 DOCUMENTATION TOOLKIT
Step-by-step implementation for smaller companies.
Find out more
I’m assuming the information you provided is from the List of documents file from the ISO 27001 toolkit (ISO 27000 is not a certifiable standard).
Considering that, the Incident Management Procedure document is mandatory only if control A.16.1.5 Response to information security incidents deemed as is applicable.
Considering the ISO 27001 & EU GDPR Toolkit, the document you should look for is the Data Breach Response and Notification Procedure, which covers the same requirements of the Incident Management Procedure, and also GDPR Articles 4(12), 33, 34. This is document 14.A.16, item 85, in the List of documents file from ISO 27001 & EU GDPR Toolkit.
Comment as guest or Sign in
Dec 21, 2021