Guest post Created: Jan 12, 2016 Last commented: Jan 12, 2016

ISMS Policy and Objectives

I need to write a new policy called " ISMS Policy and Objectives". What does this policy contain? Is this necessary? Is this different from ISMS policy?

0 0

Assign topic to the user

Select user

Guest

AntonioS Jan 12, 2016

There are a list of mandatory documents that you need to implement the ISO 27001, and it contains "Information security policy and objectives" that I think is very similar to the document that you need. For more information about the Information Security Policy, please read this article "Information security policy - how detailed should it be?" : https://advisera.com/27001academy/blog/2010/05/26/information-security-policy-how-detailed-should-it-be/
This article can also interesting for you "ISO 27001 control objectives - Why are they important?" : https://advisera.com/27001academy/blog/2012/04/10/iso-27001-control-objectives-why-are-they-important/
Finally, here you can find a list of mandatory documents (and non mandatory) "List of mandatory documents required by ISO 27001 (2013 revision)": https://advisera.com/27001academy/knowledgebase/list-of-mandatory-documents-required-by-iso-27001-2013-revision/

Quote

0 0

Comment as guest or Sign in

HTML tags are not allowed

Name *

Email *

I accept the Privacy and Terms

Notify me when someone replies

Jan 12, 2016

Expert Advice Community

ISMS Policy and Objectives

ISMS Policy and Objectives

Assign topic to the user

Comment as guest or Sign in

Suggested Topics

Scope definition

Information security policies

Objectives documentation requirements