Expert Advice Community

Guest

ISMS Framework vs IS Policy

  Quote
Guest
rijal Created:   Sep 10, 2020 Last commented:   Sep 16, 2020

ISMS Framework vs IS Policy

What is the difference between ISMS Framework and an Information Security policy?

Which one should come first?

Assign topic to the user

Assign

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

Expert
Rhand Leal Sep 16, 2020

 An Information Security Policy is a single top-level document, whereas an ISMS has several documents, each of which focuses on one area. 

To see how an Information Security Policy looks like, see the demo in this link: https://advisera.com/27001academy/01academy/emy/ademy/my/documentation/information-security-policy/

Regarding which one comes first, the Information security policy is one of the first documents to write for ISMS, helping defining all other documents.

These articles will provide you a further explanation about ISO 27001 and Information Security Policy:
- What is ISO 27001 https://advisera.com/27001academy/01academy/emy/ademy/my/what-is-iso-27001/
- Where to start from with ISO 27001 https://advisera.com/27001academy/01academy/emy/ademy/my/knowledgebase/iso-27001-where-to-start-most-important-materials/
- What should you write in your Information Security Policy according to ISO 27001? https://advisera.com/27001academy/01academy/emy/ademy/my/blog/16/05/30/what-should-you-write-in-your-information-security-policy-according-to-iso-27001/

These materials will also help you regarding ISO 27001:
- ISO 27001 Foundations Course https://training.advisera.com/se/iso-14001-internal-auditor-course/o-27001-foundations-course/

Quote
0 0

Comment as guest or Sign in

HTML tags are not allowed

Sep 10, 2020

Sep 16, 2020

Suggested Topics