Guest user Created: Oct 12, 2018 Last commented: Oct 12, 2018

HR document release

Is the release of an HR document into an area of general access by staff a non conformance of the HR controls or an incident or is it possibly both?

0 0

Assign topic to the user

Select user

Expert

Rhand Leal Oct 12, 2018

Answer:

First you have to identify what your HR controls state about this situation. If the document was released in a way different from what is defined by them, or they define that the document must not be released at all, then you have a non conformance.

Now, regarding a possible incident, you have to evaluate if this release has caused any negative impact to the person to which the document relates to, or if this release has breached any legal requirement you have to comply with.

These article will provide you further support to evaluate this information:
- Information classification according to ISO 27001 https://advisera.com/27001academy/blog/2014/05/12/information-classification-according-to-iso-27001/
- How to handle incidents according to ISO 27001 A.16 https://advisera.com/27001academy/blog/2015/10/26/how-to-handle-incidents-according-to-iso-27001-a-16/

Quote

0 0

Comment as guest or Sign in

HTML tags are not allowed

Name *

Email *

I accept the Privacy and Terms

Notify me when someone replies

Oct 12, 2018

Expert Advice Community