Expert Advice Community

Guest

Gap analysis question

  Quote
Guest
Guest user Created:   Apr 17, 2023 Last commented:   Apr 17, 2023

Gap analysis question

They have sent me a gap analysis agenda on the implementation of ISO 27001:2013. The documentation I have acquired allows me, I understand, once completed, to respond to this gap analysis. This is correct?

0 0

Assign topic to the user

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

Expert
Rhand Leal Apr 17, 2023

First is important to note that the toolkit provides all the steps and documents for the implementation, and the best way for you is to follow the logic of the toolkit.

Considering that, you can use the results of the gap analysis to decide which controls to prioritize (once you start working on the folder Implementation Plan), but gap analysis, in general, is not required for small organizations, because the effort to perform it does not bring a significant advantage to the implementation process (it is better to perform the risk assessment during the implementation).

Please note that a gap analysis is used for you to assess your current situation regarding ISO 27001 requirements, so you can use it right now. At this time the gap analysis will give you an understanding of the effort to implement the standard.

For further information, see:

Quote
0 0

Comment as guest or Sign in

HTML tags are not allowed

Apr 17, 2023

Apr 17, 2023

Suggested Topics

Guest user Created:   Mar 03, 2023 ISO 27001 & 22301
Replies: 1
0 0

Gap Analysis Question

Guest user Created:   May 24, 2019 ISO 27001 & 22301
Replies: 1
0 0

Gap analysis questionnaire

Guest user Created:   Jun 09, 2023 ISO 27001 & 22301
Replies: 1
0 0

Question about gap analysis