Expert Advice Community

Guest

Determine external and internal issues

  Quote
Guest
Guest user Created:   Jan 13, 2016 Last commented:   Jan 13, 2016

Determine external and internal issues

0 0

Assign topic to the user

ISO 27001 INTERNAL AUDITOR COURSE

Everything you need to perform the internal audit for the first time.

ISO 27001 INTERNAL AUDITOR COURSE

Everything you need to perform the internal audit for the first time.

Guest
AntonioS Jan 13, 2016

"How to do determine external and internal issues that are relevant to organisation purpose and that  affect its ability to achieve the intended outcome(s) of information security management system"
 

Answer:

There are various points. For internal issues, you must make sure that your information security objectives are aligned with the business strategy, perform the risk assessment, determine resources, information security roles and responsibilities and capabilities. For external issues you simply need to identify interested parties. For more information about this, you can read this article “Explanation of ISO 27001:2013 clause 4.1 (Understanding the organization)” : https://advisera.com/27001academy/knowledgebase/how-to-define-context-of-the-organization-according-to-iso-27001/
And also this article can be interesting for you “How to identify interested parties according to ISO 2701 and ISO 22301” : https://advisera.com/27001academy/knowledgebase/how-to-identify-interested-parties-according-to-iso-27001-and-iso-22301//

Quote
0 0

Comment as guest or Sign in

HTML tags are not allowed

Jan 12, 2016

Jan 12, 2016