Expert Advice Community

Corporate information security policy

Guest user Created:   Jan 12, 2016 Last commented:   Jan 12, 2016

If there is a corporate information security policy, what sort of information should be added into this policy so that it can comply with the 2013 ISO standard?

DejanK Jan 12, 2016

Answer: Basically, ISO 27001:2013 requires you to include these items in the top-level policy (clause 5.2):
- Objectives and framework for setting them
- Commitment to fulfill the requirements
- Commitment to continual improvement

So not really much.
