ISMS awareness
For clause 7.3 of the ISO 27001 standard, it is required to ensure employees are aware of the information security policy, as well as their role and consequences of not complying. Is this covered through the document template "Statement of acceptance of ISMS"?
This is one way to evidence awareness, but you should also consider other alternatives, since this document is normally signed at the beginning of the work relationship and stored in the employee file.
As other methods of awareness, you should consider training sessions and the use of newsletters, which can be performed on a regular basis.
These articles will provide you with further explanation about awareness:
- What are the benefits of security awareness training for organizations? https://advisera.com/27001academy/blog/2019/03/27/what-are-the-benefits-of-security-awareness-training-for-organizations/
- How to perform training & awareness for ISO 27001 and ISO 22301 https://advisera.com/27001academy/blog/2014/05/19/how-to-perform-training-awareness-for-iso-27001-and-iso-22301/
- 8 Security Practices to Use in Your Employee Training and Awareness Program https://advisera.com/27001academy/blog/2015/03/02/8-security-practices-to-use-in-your-employee-training-and-awareness-program/
This material will also help you regarding awareness:
- Free Security Awareness Training: https://advisera.com/training/awareness-session/security-awareness-training/ - this is a series of 25 videos that cover various topics related to security.
Sep 17, 2019