Expert Advice Community

How to create item 4 of ISO 27001

Guest user Created:   Jul 09, 2020 Last commented:   Jul 09, 2020

I am implementing ISO 27001 in the company I work for, but the spreadsheet created by the consultancy that serves us is based more on ISO 9001 than on ISO 27001. Is there another way to document this item, or would it be basically like ISO 9001?

Expert
Rhand Leal Jul 09, 2020

I understand that you are referring to the list of legal requirements for ISO 27001.

Considering that, although the type of information to be gathered to fulfill the requirements of section 4 (Organization Context) is basically the same for ISO 9001 and ISO 27001 (e.g., the requirement, responsible, due date, etc.), and by this, if the spreadsheet provided by your consultancy is compliant with ISO 9001, then it also complies with ISO 27001, the requirements for quality are very different from the requirements for information security.

For example, for ISO 27001 the requirement would be to comply with LGPD, whereas for ISO 9001 the requirement would be to comply with some manufacturing-related regulation. So it would be better to list the legal, regulatory, and contractual requirements in separate documents for ISO 27001 and for ISO 9001.

To see what a document that lists the legal requirements for ISO 27001 looks like, I suggest you take a look at the free demo of our List of Legal, Regulatory, Contractual and Other Requirements at this link: https://advisera.com/27001academy/documentation/list-of-legal-regulatory-contractual-and-other-requirements/

This article will provide you with a further explanation about the identification of requirements:
