Expert Advice Community

Home / ISO 27001 & 22301 / Information security profile

Guest

Information security profile

ISO 27001 & 22301
  Quote
Guest
Guest user Created:   Mar 11, 2017 Last commented:   Mar 11, 2017

Information security profile

ISO 27001 & 22301
In your diagram of ISO 27001:2013 Implementation process, there is milestone called “Develop a security profile of the company”. What does this mean? Is it simply the set of controls that will apply to the organisation in the statement of applicability?
0 1

Assign topic to the user

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.
Expert
Rhand Leal Mar 11, 2017

Answer: Yes, in the context of the Implementation process diagram, the security profile is exactly the Statement of Applicability, which shows what controls are applicable or not and why.

These materials will also help you regarding information security profile:
- Book Secure & Simple: A Small-Business Guide to Implementing ISO 27001 On Your Own https://advisera.com/books/secure-and-simple-a-small-business-guide-to-implementing-iso-27001-on-your-own/
- Free online training ISO 27001 Foundations Course https://advisera.com/training/iso-27001-foundations-course/

Quote
0 0

Comment as guest or Sign in

HTML tags are not allowed

Mar 11, 2017

Mar 11, 2017

Suggested Topics
Guest user Created:   Sep 15, 2022 ISO 27001 & 22301
Replies: 1
0 0

Doubts about the package of documents to buy
Guest user Created:   Jun 01, 2018 ISO 27001 & 22301
Replies: 1
0 0

Auditor profile
Guest user Created:   Aug 17, 2016 ISO 27001 & 22301
Replies: 1
0 0

Tasks for an information security consultant