
ISMS roles and responsibilities

Guest user Created:   May 27, 2020 Last commented:   May 27, 2020


If there is a documented appointment (in a Google spreadsheet) by team leaders of their subordinates as ISMS champions, but it is not signed or acknowledged by the team members/subordinates, and the team members appointed as ISMS champions attended the training for ISMS roles and responsibilities with proof of attendance, is it tantamount to conformance to Clause 5.3 (Organizational roles, responsibilities and authorities) and Annex A.6.1.1 (Information security roles and responsibilities)?


Expert
Rhand Leal May 27, 2020

This is not sufficient, because not only must the ISMS champions know about their information security responsibilities, but so must all personnel included in the ISMS scope, so they know who to look for in case of a situation related to information security.

In this case, you must also consider:

  • Document information security roles and responsibilities in the policies and procedures used by the organization.
  • Provide awareness and training sessions for all personnel included in the ISMS scope.

This article will provide you with a further explanation about documenting roles and responsibilities:

These materials will also help you regarding roles and responsibilities:
