Expert Advice Community

Guest

Documented processes

  Quote
Guest
Guest user Created:   Apr 17, 2023 Last commented:   Apr 17, 2023

Documented processes

I have a question - must a team have documented processes to comply with ISO 27001? In other words, if during an audit you come across a team that has not documented their processes, is that a non conformity?

0 0

Assign topic to the user

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

Expert
Rhand Leal Apr 17, 2023

Please note that ISO 27001 does not require all processes included in the ISMS scope to be documented. Unless a process is specifically required by the standard (e.g. Risk assessment and risk treatment process in clause 6.1.2), or the organization states that it needs to be documented, then you do not need to document it.

For further information, see:

Quote
0 0

Comment as guest or Sign in

HTML tags are not allowed

Apr 17, 2023

Apr 17, 2023

Suggested Topics