

Filling documentation

Guest user Created:   Sep 05, 2017 Last commented:   Sep 05, 2017


We're a gaming software company that runs XXXX. Last month we acquired a UKGC license, and we have to do a security audit with ISO 27001.

Expert
Rhand Leal Sep 05, 2017

We're advised to finish the security audit by this Oct 1st; otherwise it will become more difficult (new items will be added).

1 - Do you think we can finish the documentation in a week?

Answer: No, it is not possible to finish the whole documentation for ISO 27001 in a week because: (1) you will have to write at least a dozen documents (for a smaller company), up to ca. 50 documents for a mid-sized company, (2) each document needs to be agreed, reviewed and approved by a couple of people, and most importantly (3) it will take a while before your employees start changing their activities according to these new rules.

Here are a couple of materials that will help you:
- List of mandatory documents required by ISO 27001 (2013 revision) https://advisera.com/27001academy/knowledgebase/list-of-mandatory-documents-required-by-iso-27001-2013-revision/
- ISO 27001 / ISO 22301 Implementation Duration Calculator http://advisera.com/27001academy/free-tools/free-calculator-duration-of-iso-27001-iso-22301-implementation/
- ISO 27001 project – How to make it work https://advisera.com/27001academy/blog/2013/04/22/iso-27001-project-how-to-make-it-work/
- How long does it take to implement ISO 27001 https://advisera.com/27001academy/blog/2011/11/08/how-long-does-it-take-to-implement-iso-27001-bs-25999/

2 - What is the most time-consuming part of doing a security audit?

Answer: The most time-consuming part is the audit of implemented practices, because you have to walk around the company and talk to employees, check the computers and other equipment, observe physical security, among other things. To help you go through this as quickly as possible, it is crucial to have a checklist of things you have to check.

These articles will provide you with further explanation about performing an audit:
- 7 ways to improve the internal audits of your ISO 27001 ISMS https://advisera.com/27001academy/blog/2017/08/28/7-ways-to-improve-the-internal-audits-of-your-iso-27001-isms/
- How to make an Internal Audit checklist for ISO 27001 / ISO 22301 https://advisera.com/27001academy/knowledgebase/how-to-make-an-internal-audit-checklist-for-iso-27001-iso-22301/

These materials will also help you regarding documentation and auditing:
- Book Secure & Simple: A Small-Business Guide to Implementing ISO 27001 On Your Own https://advisera.com/books/secure-and-simple-a-small-business-guide-to-implementing-iso-27001-on-your-own/
- Free online training ISO 27001 Foundations Course https://advisera.com/training/iso-27001-foundations-course/
