Expert Advice Community


ISMS Policy

Guest user. Created: Oct 24, 2018. Last commented: Oct 24, 2018


I have a question about the ISMS Policy - Section 4.4 Responsibilities. Which specific person / job title would you recommend for mark 7 and 8? In the video tutorial the last two marks (7 & 8) don’t exist.

Expert
Rhand Leal Oct 24, 2018

Answer:

Responsibilities for communication of information related to information security, and for the adoption and implementation of the Training and Awareness Plan, can be designated to the Chief Information Security Officer (CISO), if the organization decides to implement such a role, or to an existent role with access to Top Management.

These articles will provide you with further explanation about the CISO role:
- What is the job of Chief Information Security Officer (CISO) in ISO 27001? https://advisera.com/27001academy/knowledgebase/what-is-the-job-of-chief-information-security-officer-ciso-in-iso-27001/
- Chief Information Security Officer (CISO) – where does he belong in an org chart? https://advisera.com/27001academy/blog/2012/09/11/chief-information-security-officer-ciso-where-does-he-belong-in-an-org-chart/
