Expert Advice Community

Guest

Evidence to verify leadership and commitment in ISMS

  Quote
Guest
Guest user Created:   Jan 13, 2016 Last commented:   Jan 13, 2016

Evidence to verify leadership and commitment in ISMS

0 0

Assign topic to the user

ISO 27001 FOUNDATIONS COURSE

Everything you need to know about ISO 27001.

ISO 27001 FOUNDATIONS COURSE

Everything you need to know about ISO 27001.

Guest
AntonioS Jan 13, 2016

what evidence would be acceptable to verify the existence and effectiveness of "leadership and commitment in ISMS
 

Answer:

You can use records as evidence. For example, if you need to demonstrate the leadership and commitment of the Top Management with respect to the ISMS ensuring that the information security policy and the information security objectives are established and are compatible with the strategic direction of the organization (point a, paragraph 5.1 Leadership and commitment of the ISO 27001:2013), you need records about the definition and approval of both (policy and objectives) by Top Management, and you can do it for example with minutes. 
So, the way is: to see the requirements established by ISO 27001:2013 5.1 Leadership and commitment, and generate records for each one. Anyway, keep in mind that is not mandatory to have records for this paragraph, here you can see a complete list of mandatory documents/records (and non mandatory) “List of mandatory documents required by ISO 27001 (2013 revision)” : https://advisera .com/27001academy/knowledgebase/list-of-mandatory-documents-required-by-iso-27001-2013-revision/
Finally, this article about records can be interesting for you “Records management in ISO 27001 and ISO 22301” : https://advisera.com/27001academy/blog/2014/11/24/records-management-in-iso-27001-and-iso-22301/
And also this article "Why is management review important for ISO 27001 and ISO 22301?" : https://advisera.com/27001academy/blog/2014/03/03/why-is-management-review-important-for-iso-27001-and-iso-22301/
Quote
0 0

Comment as guest or Sign in

HTML tags are not allowed

Jan 12, 2016

Jan 12, 2016