Expert Advice Community

Guest

Electronic File/Folder structure SOP

  Quote
Guest
Guest user Created:   Mar 30, 2021 Last commented:   Mar 30, 2021

Electronic File/Folder structure SOP

My organization is looking to create an SOP on how to create a folders/file structure (electronic). We have lots of documents and everybody organizes their files/folders in their own way and it is a disaster... Does ISO 27001 addresses that issue?

0 0

Assign topic to the user

Assign

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

Expert
Rhand Leal Mar 30, 2021

ISO 27001, like other ISO management standards, has requirements for document and records management you can use to define how to create, approve, review, distribute, and communicate them, among other things.

Considering electronic documents and records, if the quantity of them is not so big you can consider organizing them in folders identified by each section of the standard which requires them (e.g., in folder named "Information Security Policy" you can store the Information security policy, in folder "Risk assessment and Treatment" you can store documents and records related to the risk management process, etc.)

If the quantity of documents is big, you should consider a document management solution (you can see an example of such solution in our platform Conformio at this link: https://advisera.com/conformio/)

For physical records, you should consider a central cabinet to store them, adopting a folder structure similar to the electronic documents.

To see how a procedure to control documents and records compliant with ISO 27001, please take a look at the free demo of this template: https://advisera.com/27001academy/01academy/emy/ademy/my/documentation/procedure-for-document-and-record-control/

These articles will provide you a further explanation about document and record management:
- Document management in ISO 27001 & BS 25999-2 https://advisera.com/27001academy/01academy/emy/ademy/my/blog/10/03/30/document-management-within-iso-27001-bs-25999-2/
- Records management in ISO 27001 and ISO 22301 https://advisera.com/27001academy/01academy/emy/ademy/my/blog/14/11/24/records-management-in-iso-27001-and-iso-22301/

These materials will also help you regarding document and record management:
- Managing ISO Documentation: A Plain English Guide https://advisera.com/books/managing-iso-documentation-plain-english-guide/h-guide/g-iso-documentation-plain-english-guide/
- Free online training ISO 27001 Foundations Course https://training.advisera.com/se/iso-14001-internal-auditor-course/o-27001-foundations-course/

Quote
0 0

Comment as guest or Sign in

HTML tags are not allowed

Mar 29, 2021

Mar 29, 2021