Expert Advice Community

Division of tasks

Guest user
Created: Feb 13, 2018. Last commented: Feb 13, 2018.

I am currently the only individual responsible for information security management, quality management, business continuity management and GDPR in an organisation with circa 4-500 employees across UK and international offices.
Expert
Rhand Leal Feb 13, 2018

Notwithstanding the workload, do you think this is feasible or are there any potential conflicts of interest here?

Answer: A single person managing such a scope (considering the different systems, number of personnel and multiple offices) may compromise the systems' effectiveness, because not only the common aspects of the systems (e.g., control of documents, internal audit, processes and controls monitoring, etc.), but also the specific activities required by each system (risk assessment, business impact analysis, and processes monitoring) and the support required by employees can easily overload a single person's time and capacity.

You should consider at least another person to assume part of the tasks.
