Information Security Plan

Guest user Created:   Feb 25, 2023 Last commented:   Feb 25, 2023


I need guidance on the preparation of the Information Security Plan. It would basically be what is an Information Security Plan and what is its structure.


Expert
Rhand Leal Feb 25, 2023

In the context of ISO 27001, the “Information Security Plan” is the Risk Treatment Plan, where you define all actions necessary to treat the relevant risks.

Before developing the Risk Treatment Plan, you need to complete several steps. For detailed information, see:

To develop the Risk Treatment Plan itself you should consider these steps:

  • definition of security controls to be implemented
  • who is responsible for implementing them
  • what are the deadlines for the implementation
  • which resources are needed (i.e. financial and human)
  • how the results will be evaluated

This article will provide you with further explanation about implementing the Risk Treatment Plan:

These materials will also help you:
