Expert Advice Community

Guest

Inquiry about Gap Analysis

  Quote
Guest
Guest user Created:   Sep 07, 2020 Last commented:   Sep 07, 2020

Inquiry about Gap Analysis

I have been following your studies and materials about ISO27001 implementation on your website. You stated on your website at https://advisera.com/27001academy/01academy/emy/ademy/my/knowledgebase/iso-27001-gap-analysis-vs-risk-assessment/ that Gap analysis is done only for Annex “A” controls and that, one DOES NOT need to perform gap analysis for clauses of the main part of the standard. I believe you are referring to the mandatory management clauses from clause 4 to 10. ( Please find attached screenshot)
https://i.imgur.com/WD5Wr5D.png

Now, my confusion is coming from the ISO 27001 Gap Analysis tool you provided on your website at https://advisera.com/27001academy/01academy/emy/ademy/my/free-iso-27001-gap-analysis-tool/?icn=free-gap-analysis-tool-27001&ici=bottom-iso-27001-gap-analysis-tool-txt. In this Gap Analysis tool, you included the mandatory management clauses (i.e. clause 4 to 10) as part of the Gap Analysis checklist when you stated previously that Gap analysis is not performed for the mandatory management clauses.

Can you please explain why?

0 0

Assign topic to the user

Assign

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

Expert
Rhand Leal Sep 07, 2020

Please note that the article states that "you don't need" to perform gap analysis for clauses of the main part of the standard, not that it cannot be performed.

The provided tool in our website has a different purpose than help verify the fulfillment of a standard's requirement: it can be used by organizations in order they get an overall and general feeling of where they are in the current moment, and to find out which resources they may need to employ in order to implement ISO 27001 before any real action or project is developed and implemented.

Quote
0 0

Comment as guest or Sign in

HTML tags are not allowed

Sep 07, 2020

Sep 07, 2020

Suggested Topics

Guest user Created:   Jul 20, 2021 ISO 27001 & 22301
Replies: 1
0 0

Question about BIA form

Guest user Created:   Jul 12, 2021 ISO 27001 & 22301
Replies: 1
0 0

Question about training

Guest user Created:   Jun 29, 2021 ISO 27001 & 22301
Replies: 1
0 0

Question about A.7.1.2