Expert Advice Community

Guest

ISMS Policy vs Information Security Policy

  Quote
Guest
Guest user Created:   Apr 22, 2022 Last commented:   Apr 22, 2022

ISMS Policy vs Information Security Policy

Are the ISMS Policy vs Information Security Policy the same or different polices?
0 0

Assign topic to the user

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

Expert
Rhand Leal Apr 22, 2022

These are the same policies.

This confusion comes because ISO 27001:2013 defines that the top-level policy should be called "Information Security Policy", however, the old 2005 revision of ISO 27001 called this document "ISMS Policy".

See also this article: One Information Security Policy, or several policies? https://advisera.com/27001academy/blog/2013/06/18/one-information-security-policy-or-several-policies/

Quote
0 1
Guest
Ray Crago Apr 22, 2022

Thank you!

Quote
0 0

Comment as guest or Sign in

HTML tags are not allowed

Apr 22, 2022

Apr 22, 2022