Expert Advice Community

Coverage of ISO 27001 requirements in the toolkit

Guest user Created:   Jan 14, 2019 Last commented:   Jan 14, 2019

We have the ISO 27001 and ISO 22301 Premium packet. I cannot find Point 8 and Annex A Point A5, and within A7 I have only two documents. In reality there must be a minimum of 5 documents.
Expert
Dejan Kosutic Jan 14, 2019

Answer: The toolkit covers the mentioned clauses in the following way:
- Clause 8.1 (Operational planning and control) - this is covered by all the policies and procedures you'll find in the toolkit in folder "08 Annex A"
- Clauses 8.2 and 8.3 (Information security risk assessment and treatment) - you'll find the documents in the folder "05 Risk assessment and risk treatment methodology"
- Annex A.5 (Information security policies) - this is covered by all the policies and procedures you'll find in the toolkit in folder "08 Annex A"
- Annex A.7 (Human resource security) - besides the two documents in the folder "07 Human resources security", the document Supplier security policy (folder 08 - A.15) covers controls A.7.1.1, A.7.1.2 and A.7.2.2, Security clauses for suppliers and partners (folder 08 - A.15) covers the control A.7.1.2, and Incident management procedure (folder 08 - A.16) covers A.7.2.3.

By the way, in the root folder of your toolkit you'll find a PDF document called "List of documents" where it is specified which document covers which clause of the standard.
