Take the ISO 27001 course exam and get the EU GDPR course exam for free
LIMITED-TIME OFFER – VALID UNTIL SEPTEMBER 30, 2021
CHOOSE YOUR EXAM BUNDLE

Expert Advice Community

Home / ISO 27001 & 22301 / Documentation of control A.12.7.1

Guest

Documentation of control A.12.7.1

ISO 27001 & 22301
  Quote
Guest
Guest user Created:   Jul 13, 2018 Last commented:   Jul 13, 2018

Documentation of control A.12.7.1

ISO 27001 & 22301
I’m in the middle of our journey towards to certification. Performed risk assessment and now it’s time to prepare risk treatment plan and SOA.
0 0

Assign topic to the user

ISO 27001 RISK TREATMENT PLAN

Determine responsibilities for the implementation of controls.

ISO 27001 RISK TREATMENT PLAN

Determine responsibilities for the implementation of controls.
Expert
Rhand Leal Jul 13, 2018

I was wondering, how can I develop a control for A.12.7.1? should it be inside a policy? Which policy?

Answer: If you have identified risks or legal requirements that justify the application of control A.12.7.1 - Information systems audit controls, which requires careful planning and agreement regarding the verification of operational systems, I suggest you to develop its implementation in the Security Procedures for IT Department template, located in folder 11 Security Controls of the ISO 27001 Documentation Toolkit you bought.

This document helps define and ensure correct and secure functioning of information and communication technology for which the responsibility lays with the IT department, and you can include the implementation of control A.12.7.1 here.
Quote
0 1

Comment as guest or Sign in

HTML tags are not allowed

Jul 13, 2018

Jul 13, 2018

Suggested Topics
Guest user Created:   Sep 24, 2021 ISO 27001 & 22301
Replies: 1
0 0

Documentation of requirements
Guest user Created:   Apr 29, 2020 ISO 27001 & 22301
Replies: 1
0 1

A.12.7.1 Information Systems Audit Controls
Rena Created:   Sep 15, 2021 ISO 27001 & 22301
Replies: 1
0 0

Conformio ISO Documentation