Guest
ISMS TIER 1 - 4 Documents
ISO 27001:2013 has categorized documents into Tiers. What are the Tier1, Tier2, Tier3 and Tier4 documents/definitions.
Assign topic to the user
Expert
Rhand Leal
Jul 05, 2021
Please note that ISO 27001 does not prescribe or make reference to documents tiers.
Considering that, the concept of tiers is a common interpretation made by organizations to make ISO documentation management easier to understand.
In this interpretation the tiers are:
- Policies: define rules for the ISMS. They are composed of the Information Security Policy and additional subject-specific policies (e.g., Access Control Policy, Backup Policy, etc.).
- Procedures: they describe what needs to be done, by who, when, and in what order.
- Work instructions: they detail how specific tasks are performed.
- Records: documents that provide evidence of performed activities or results achieved.
This material will provide you a further explanation about document management:
- Managing ISO Documentation: A Plain English Guide https://advisera.com/books/managing-iso-documentation-plain-english-guide/
Comment as guest or Sign in
Jul 05, 2021
Jul 05, 2021
Jul 05, 2021