BLACK FRIDAY DISCOUNT
Get 30% off on toolkits, course exams, Conformio, and Company Training Academy yearly plans.
Limited-time offer – ends December 2, 2024
Use promo code:
30OFFBLACK

Expert Advice Community

Guest

ISMS Policy

  Quote
Guest
Guest user Created:   Oct 24, 2018 Last commented:   Oct 24, 2018

ISMS Policy

I have a question about the ISMS Policy - Section 4.4 Responsibilities. Which specific person / job title would you recommend for mark 7 and 8? In the video tutorial the last two marks (7 & 8) doesn’t exist."
0 0

Assign topic to the user

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

Expert
Rhand Leal Oct 24, 2018

Answer:

Responsibilities for communication of information related to information security, the adoption and implementation of the Training and Awareness Plan can be designated to the Chief Information Security Officer (CISO), if the organization decides to implement such a role, or to an existent role with access to TopManagement.

These articles will provide you further explanation about CISO role:
- What is the job of Chief Information Security Officer (CISO) in ISO 27001? https://advisera.com/27001academy/knowledgebase/what-is-the-job-of-chief-information-security-officer-ciso-in-iso-27001/
- Chief Information Security Officer (CISO) – where does he belong in an org chart? https://advisera.com/27001academy/blog/2012/09/11/chief-information-security-officer-ciso-where-does-he-belong-in-an-org-chart/

Quote
0 0

Comment as guest or Sign in

HTML tags are not allowed

Oct 24, 2018

Oct 24, 2018