Guest user Created: Oct 18, 2016 Last commented: Oct 18, 2016

In which step of ISO implementation to write documents

I have a query and not very much clear on this. Please tell me in which phase or step of ISO implementation do we write all the policies and procedures. Is it during scope creation or during risk assessment or during control implementation? Can you please explain why it is better to create policies during that specific stage e.g. if created during scope stage and explain with the help of an example.

0 0

Assign topic to the user

Select user

Expert

Dejan Kosutic Oct 18, 2016

Answer: The ISO 27001 documentation is written in almost all steps of the implementation - these articles will help you:
- ISO 27001 implementation checklist https://advisera.com/27001academy/knowledgebase/iso-27001-implementation-checklist/
- List of mandatory documents required by ISO 27001 (2013 revision) https://advisera.com/27001academy/knowledgebase/list-of-mandatory-documents-required-by-iso-27001-2013-revision/
- How to structure the documents for ISO 27001 Annex A controls https://advisera.com/27001academy/blog/2014/11/03/how-to-structure-the-documents-for-iso-27001-annex-a-controls/

Further, this free online training explains all the implementation steps: ISO 27001 Foundations Course https://advisera.com/training/iso-27001-foundations-course/

Quote

0 0

Comment as guest or Sign in

HTML tags are not allowed

Name *

Email *

I accept the Privacy and Terms

Notify me when someone replies

Oct 18, 2016

Expert Advice Community