Expert Advice Community

Disciplinary actions

Guest user Created:   Jan 12, 2016 Last commented:   Jan 12, 2016

 In which document should we talk about disciplinary actions (or penalties) if the ISMS is violated by an employee? Is this point covered in a template provided?
AntonioS Jan 12, 2016

There are a couple of documents related to this: 

Incident Management Procedure: https://advisera.com/27001academy/documentation/incident-management-procedure/ (If you have our toolkit you can find this document in the folder: 08 Annex AA.16 Information security incident management)
Statement of Acceptance of ISMS Documents: https://advisera.com/27001academy/documentation/statement-of-acceptance-of-isms-documents/ (If you have our toolkit you can find the document in the folder: 08 Annex AA.7 Human resource security)

Also, you can see which template covers which control in the document Statement of Applicability template: https://advisera.com/27001academy/documentation/statement-of-applicability/ (If you have our toolkit you can find the document in the folder: 06 Statement of Applicability)

Finally, keep in mind that it is one of the activities that the CISO of the organization needs to perform and it is related to the Human resources management (to know more about this, please read this article: “What is the job of Chief Information Security Officer (CISO) in ISO 27001?” https://advisera.com/27001academy/knowledgebase/what-is-the-job-of-chief-information-security-officer-ciso-in-iso-27001/).
