Expert Advice Community

Guest

ISMS Manual contents

  Quote
Guest
Guest user Created:   Jan 18, 2021 Last commented:   Jan 18, 2021

ISMS Manual contents

I'm currently guiding an ISO27001 implementation project and aiding people in my team understanding what documentation needs to be done. A topic that comes regularly is the need for an ISMS Manual. I understand this not a mandatory document and to be honest it takes in lots of repeated (summary) information already in other documents of our ISMS.


However, I understand some concepts written in this manual may be useful, such as explaining our Information Security organisational structure and the documental framework of the ISMS (what documents do we have, how do we split them into policies, procedures, work instructions, etc.).

What do you recommend for documenting this type of info?

0 0

Assign topic to the user

Assign

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

Expert
Rhand Leal Jan 18, 2021

The information about the Information Security organizational structure can be described in the Information Security Policy. You can see a demo template of this document at this link: https://advisera.com/27001academy/documentation/information-security-policy/

The documental framework of the ISMS can be defined in a Procedure for Document and Record Control. You can see a demo template of this document at this link: https://advisera.com/27001academy/documentation/procedure-for-document-and-record-control/

These articles will provide you a further explanation:

These materials will also help you:

Quote
0 1

Comment as guest or Sign in

HTML tags are not allowed

Jan 18, 2021

Jan 18, 2021