SPRING DISCOUNT
Get 30% off on toolkits, course exams, and books.
Limited-time offer – ends May 26, 2022
Use promo code:
SPRING30

Expert Advice Community

Guest

Doubt in filling in documents

  Quote
Guest
Guest user Created:   Nov 05, 2021 Last commented:   Nov 05, 2021

Doubt in filling in documents

Good morning, We acquired the document kit for ISO 27001 and I have doubts about how to fill it out. How can I clarify these doubts? Doubt 1: Some of the links pointed out in the comments are no longer available, is there an update? Doubt 2: Some documents mention “[position]”, I would like to know what is the most advisable way to change this variable? If for an existing position even if that position is in several functions or fill with a position to be created but which will temporarily be occupied by the same person? Question 3: How can I find out which laws are mandatory for my company/situation?
0 0

Assign topic to the user

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

Expert
Rhand Leal Nov 05, 2021

Doubt 1: Some of the links pointed out in the comments are no longer available, is there an update?

Answer: First of all, sorry for this situation.

Please provide information about the missing links and we will send you the correct ones.

Doubt 2: Some documents mention “[position]”, I would like to know what is the most advisable way to change this variable? If for an existing position even if that position is in several functions or fill with a position to be created but which will temporarily be occupied by the same person?

Answer: First is important to note that both approaches are acceptable to fulfill the standard’s requirements. The suggested approach is to use the position that will be responsible for the activity in the long term, regardless of the person that will be designated for it. This way you will minimize the need to update the document to change the responsible position.

Comments for each [position] suggests which job titles you might use. Also, included in the toolkit you have access to video tutorials which show how these positions could be filled out for some documents.

For further information, see:
- How to document roles and responsibilities according to ISO 27001 https://advisera.com/27001academy/blog/2016/06/20/how-to-document-roles-and-responsibilities-according-to-iso-27001/

Question 3: How can I find out which laws are mandatory for my company/situation?

Answer: For this situation, our recommendation is for you to look for local legal advice.

As for a starting point, you can use the information in this link:
- Laws and regulations on information security and business continuity https://advisera.com/27001academy/knowledgebase/laws-regulations-information-security-business-continuity/

Quote
0 0

Comment as guest or Sign in

HTML tags are not allowed

Nov 05, 2021

Nov 05, 2021

Suggested Topics

Guest user Created:   Jun 10, 2020 ISO 27001 & 22301
Replies: 1
0 0

ISO 27001 implementation

Guest user Created:   Apr 27, 2020 ISO 27001 & 22301
Replies: 1
0 0

ISO 27001 implementation