Expert Advice Community

Guest

Control A.12.1.1

  Quote
Guest
Guest user Created:   Jan 12, 2016 Last commented:   Jan 12, 2016

Control A.12.1.1

In the "Mandatory documents and records required by ISO 27001:2013" section on the iso27001standard website, a document called "Operating procedures for IT management" is mentioned. However, the associated control (A.12.1.1) simple says "Documented operating procedures: Operating procedures shall be documented and made available to all users who need them" and mentions nothing about "IT management", so I'm wondering where that term came from. 
0 0

Assign topic to the user

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

Guest
DejanK Jan 12, 2016

Answer: In section A.12.1 of ISO 27001 you'll find the following objective: "To ensure correct and secure operations of information processing facilities."; further, when you read each control in A.12 you'll see they are very IT oriented.
Quote
0 0

Comment as guest or Sign in

HTML tags are not allowed

Jan 12, 2016

Jan 12, 2016