Incident Response Plan Policy
I’m in the process of writing an Incident Response Plan Policy. Our company purchased the 27001 Documentation Toolkit and I only saw the IRP Procedure. Do you have a IRP Policy somewhere in this toolkit that I can’t find or do I have to purchase this separately?
Assign topic to the user
Advisera's ISO 27001 Documentation Toolkit does not have an Incident Response Plan Policy, and neither there is a separate template, because of the following reasons:
- ISO 27001 does not require an Incident Response Plan Policy to be documented
- If the toolkit had a document for each control, there would be too many documents, and this would be an overkill for smaller and mid-size companies.
Since our target are SMEs, we have decided to include an optimum amount of documents for companies of this size - the toolkit includes:
- All the mandatory documents - e.g., Information Security Policy, Statement of Applicability, Risk Assessment Methodology, Access Control Policy, etc.
- Documents that are not mandatory, but are commonly used - e.g., BYOD Policy, Classification Policy, Password Policy, Backup Policy, etc.
In case you identify that your organization needs an Incident Response Plan Policy, as part of your toolkit, you can schedule a meeting with one of our experts so he can support you in developing the required documentation using the blank template included in the toolkit (you can also ask additional questions you want through e-mail).
To schedule a meeting, use this link: https://advisera.com/27001academy/consultation/
Comment as guest or Sign in
Feb 23, 2021