Expert Advice Community

Guest

ISMS and BCMS

  Quote
Guest
Guest user Created:   Aug 18, 2022 Last commented:   Aug 18, 2022

ISMS and BCMS

I am delighted to be able to start implementing the ISO 27001 standard. I have several questions as I begin to complete your documents:

1. In the document "PROCEDURE FOR THE CONTROL OF DOCUMENTS AND RECORDS", I have to choose between ISMS and SMCA.

When filling out the "PROJECT PLAN", I read one of your comments "Delete this text and the table if business continuity management is not part of the project."

Can we do both with your kit? Does choosing the ISMS automatically include the SMCA?

2.In the document "PROCEDURE FOR THE CONTROL OF DOCUMENTS AND RECORDS", we must define the Title of a post ensuring the conformity of the documents.

We are 5 in the company. I am the founder and I took charge of the file. Should I put my name, my post of "President" or other.

Can I put my role in this "Quality Manager" project?

Assign topic to the user

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

Expert
Rhand Leal Aug 18, 2022

1. In the document "PROCEDURE FOR THE CONTROL OF DOCUMENTS AND RECORDS", I have to choose between ISMS and SMCA.

When filling out the "PROJECT PLAN", I read one of your comments "Delete this text and the table if business continuity management is not part of the project."

Can we do both with your kit? Does choosing the ISMS automatically include the SMCA?

I’m assuming that by SMCA you mean Système de Management de la Continuité des Activités

Considering that, the FR ISO 27001 Documentation Toolkit you bought can be used only to implement ISO 27001. What happens is that some templates in the ISO 27001 Documentation Toolkit are also used for ISO 22301 implementation, but your toolkit does not have all templates for implementing ISO 22301 (this is not an automatic choice, you need to choose the toolkit according to your specific needs).

For implementing both ISO 27001 and ISO 22301 you will need the ISO 27001 & ISO 22301 Premium Documentation Toolkit (this toolkit contains all templates designed for both ISO 27001 and ISO 22301): https://advisera.com/27001academy/fr/boite-a-outils-iso-27001-iso-22301-premium/

2.In the document "PROCEDURE FOR THE CONTROL OF DOCUMENTS AND RECORDS", we must define the Title of a post ensuring the conformity of the documents.

We are 5 in the company. I am the founder and I took charge of the file. Should I put my name, my post of "President" or other.

Can I put my role in this "Quality Manager" project?

ISO 27001 does not specify how to identify responsibilities in documents, but common practice is to use job titles, so in case a person is replaced you do not need to update the document.

Considering your case, if the "Quality Manager" role will be used after the project is concluded then you can use it. If not you should use the “President” role.

Quote
0 0

Comment as guest or Sign in

HTML tags are not allowed

Aug 18, 2022

Aug 18, 2022

Suggested Topics

Guest user Created:   Oct 04, 2022 ISO 27001 & 22301
Replies: 2
0 0

Question on risk assessment

Guest user Created:   Oct 04, 2022 ISO 27001 & 22301
Replies: 1
0 0

ISO 27002