Expert Advice Community

Guest

Information Security Policies and Procedures

  Quote
Guest
Guest user Created:   Jun 28, 2022 Last commented:   Jun 28, 2022

Information Security Policies and Procedures

1 - Can you have a look at the document (for review proposes)? The document will be sent once you confirm. 2 - What do you recommend, shall I keep all Information Security policies and procedures in 1 document or shall I keep every policy in 1 document and the procedures in also in another document.
0 0

Assign topic to the user

ISO 27001 IT SECURITY POLICY

Define the detailed security rules for everyone in the company.

ISO 27001 IT SECURITY POLICY

Define the detailed security rules for everyone in the company.

Expert
Rhand Leal Jun 28, 2022

1 - Can you have a look at the document (for review proposes)? The document will be sent once you confirm.

Yes, you can send us the finished document for an expert review. In your package, you have the option of the review of 5 documents.

2 - What do you recommend, shall I keep all Information Security policies and procedures in 1 document or shall I keep every policy in 1 document and the procedures in also in another document.

ISO 27001 does not prescribe how documentation must be elaborated, so organizations can develop them the way it best suits their needs.

The main criteria to decide to merge documents or not are if they have similar purposes and if by merging them they would not become a document too big to understand and read. So, if your single document does not become too big to use and manage it may be best to merge them, so you have fewer documents to manage in your ISMS.

These articles will provide you with a further explanation about developing policies:

Quote
0 0

Comment as guest or Sign in

HTML tags are not allowed

Jun 28, 2022

Jun 28, 2022

Suggested Topics

Guest user Created:   Aug 29, 2018 ISO 27001 & 22301
Replies: 1
0 0

Defining scope

Guest user Created:   May 03, 2017 ISO 27001 & 22301
Replies: 1
0 0

Audit report finding