Expert Advice Community

Guest

Do we need separate Cloud Security Policy?

  Quote
Guest
Guest user Created:   Jul 20, 2022 Last commented:   Jul 20, 2022

Do we need separate Cloud Security Policy?

If our business is Saas and it's all in CLoud for example. Currently, we need to have Information Security Policy as the required document. But do we need a separate Cloud Security Policy ?
0 0

Assign topic to the user

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

Expert
Rhand Leal Jul 20, 2022

Unless you have a legal requirement (e.g., law, regulation, or contract) demanding a Cloud Security Policy, you do not have to implement one. The Information Security Policy is enough to provide guidelines for the protection of information in cloud environments

For further information, see:

  • What is the ISO 27001 Information Security Policy, and how can you write it yourself? https://advisera.com/27001academy/blog/2016/05/30/what-should-you-write-in-your-information-security-policy-according-to-iso-27001/
Quote
0 0

Comment as guest or Sign in

HTML tags are not allowed

Jul 20, 2022

Jul 20, 2022

Suggested Topics