Filling in ISMS policy template
Assign topic to the user
ISO 27001 DOCUMENTATION TOOLKIT
Step-by-step implementation for smaller companies.
Find out more 
ISO 27001 DOCUMENTATION TOOLKIT
Step-by-step implementation for smaller companies.
Find out more
ISO 27001 DOCUMENTATION TOOLKIT
Step-by-step implementation for smaller companies.
Find out more
Section 4.1 consists of 4 (under)sections. I have a question about (under)section 1, 3 and 4 of section 4.1. In section 1 our company defined JUST ONE general objective (reducing the number of incidents by XX %). Does section 3 and 4 refer to section 1 or to section 1 and 2? If I have just one general objective and section 3 and 4 refer to section 1 then I have to write section 3 and 4 in singular too. Does section 3 and 4 refer to section 1 and 2 (where the control objectives are involved too) I can leave it like it is (in plural). Whats is right? To which section refer section 3 and 4?
Answer:
Section 4.1 paragraph 2) speaks about objectives for controls, and paragraphs 3) and 4) refer to both top-level objective(s) mentioned in paragraph 1 and control objectives mentioned in paragraph 2.
Comment as guest or Sign in
Oct 23, 2018