Expert Advice Community

Guest

How to use ISO 27001 in the hospital

  Quote
Guest
Guest user Created:   Jul 15, 2020 Last commented:   Jul 15, 2020

How to use ISO 27001 in the hospital

How to successfully implement ISO 27001 in the hospital?

0 0

Assign topic to the user

Assign

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

Expert
Rhand Leal Jul 15, 2020

ISO 27001 was designed to be implemented in organizations of any size and industry, and broadly speaking, these are the general steps to implement it on any organization:

  1. get support for your project (through approval of the ISMS project plan);
  2. develop the Procedure for Document and Record Control:
  3. define the ISMS basic framework (e.g., scope, objectives, organizational structure), by understanding the organizational context and requirements of interested parties;
  4. develop risk assessment and treatment methodology;
  5. perform a risk assessment and define the risk treatment plan;
  6. controls implementation (e.g., policies and procedures documentation, acquisitions, etc.);
  7. people training and awareness;
  8. controls operation;
  9. performance monitoring and measurement;
  10. perform an internal audit;
  11. perform management critical review; and
  12. address nonconformities, corrective actions, and opportunities for improvement.

Regarding ISO 27001 implementation approaches, you have three options:

  • Implementing with your own employees (in general the cheapest and longest)
  • Hiring a consultant (in general the costliest and fastest)
  • Implementing by yourself with external support (a balanced solution)

Each one of them has its advantages and disadvantages, related to time, resources, and knowledge. For more information, I suggest the following materials:

Advisera is specialized in the third approach. We offer toolkits with templates and expert support, and also free material in the form of articles, papers, and webinars, to help you with your implementation project. Please see these materials for more information:

This article will provide you a further explanation about ISMS implementation:

These materials will also help you regarding ISO 27001 implementation:

Quote
0 0

Comment as guest or Sign in

HTML tags are not allowed

Jul 15, 2020

Jul 15, 2020

Suggested Topics

Guest user Created:   May 13, 2017 ISO 27001 & 22301
Replies: 1
0 0

Organizational context

Guest user Created:   Jul 21, 2021 ISO 27001 & 22301
Replies: 1
0 0

Vendor security clauses