Guest user Created: Jan 03, 2018 Last commented: Jan 03, 2018

Does the toolkit include the 27002 documentation and best practices?

I was just about to purchase the ISO 27001 toolkit to get started on this important project, but after reading a couple of your blog posts, I have a question. It seems that ISO 27002 provides details on which and how to implement 27001 controls. Does the toolkit include the 27002 documentation and best practices? If not, how to I leverage the 27002 information?

0 0

Assign topic to the user

Select user

Expert

Dejan Kosutic Jan 03, 2018

Answer: This is correct, ISO 27002 provides details on the implementation of 114 controls from ISO 27001 Annex A.

In our ISO 27001 toolkit we have 22 policies and procedures that cover Annex A controls, and all of these have taken the best practices from ISO 27002.

You have to keep in mind that ISO 27001 does not require each Annex A to be documented, therefore we didn't develop documentation for some controls like physical security - our main focus was on optimizing the number of documents for smaller companies, so that we avoid any overkill. See also this article: List of mandatory documents required by ISO 27001 (2013 revision) https://advisera.com/27001academy/knowledgebase/list-of-mandatory-documents-required-by-iso-27001-2013-revision/

You can see the list of documents in the ISO 27001 Documentation Toolkit here: https://advisera.com/27001academy/iso-27001-documentation-toolkit/ - just scroll to section called "Toolkit documents".

Quote

0 0

Comment as guest or Sign in

HTML tags are not allowed

Name *

Email *

I accept the Privacy and Terms

Notify me when someone replies

Jan 03, 2018

Expert Advice Community