Expert Advice Community

Guest

Information security profile

  Quote
Guest
Guest user Created:   Mar 11, 2017 Last commented:   Mar 11, 2017

Information security profile

In your diagram of ISO 27001:2013 Implementation process, there is milestone called “Develop a security profile of the company”. What does this mean? Is it simply the set of controls that will apply to the organisation in the statement of applicability?
0 1

Assign topic to the user

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

Expert
Rhand Leal Mar 11, 2017

Answer: Yes, in the context of the Implementation process diagram, the security profile is exactly the Statement of Applicability, which shows what controls are applicable or not and why.

These materials will also help you regarding information security profile:
- Book Secure & Simple: A Small-Business Guide to Implementing ISO 27001 On Your Own https://advisera.com/books/secure-and-simple-a-small-business-guide-to-implementing-iso-27001-on-your-own/
- Free online training ISO 27001 Foundations Course https://training.advisera.com/course/iso-27001-foundations-course/
Quote
0 0

Comment as guest or Sign in

HTML tags are not allowed

Mar 11, 2017

Mar 11, 2017

Suggested Topics