ISO 27001 and Job description

Guest user. Created: Feb 25, 2021. Last commented: Feb 25, 2021.


Just wanted to know if ISO 27001 requires Job description to be signed off.


Expert
Rhand Leal Feb 25, 2021

I’m assuming that by Job Description you mean a document stating the essential job requirements, job duties, job responsibilities, and skills required to perform a specific role.

Considering that, ISO 27001 does not prescribe the development of job descriptions, only that roles, responsibilities, and authorities related to information security are defined and communicated, and that required competencies (i.e., knowledge, skills, and experiences) are identified and gaps treated.

These requirements are usually met by defining roles, responsibilities and authorities in various security policies and procedures; required competences are usually defined in a training & awareness plan.

Such documents need to be approved by the top management, but not necessarily signed; on the employee side, there needs to be proof that those were delivered - either through a document management system, or by signing a document where an employee confirms the documents are read.

To see what a Statement of Acceptance of ISMS Documents looks like, please access the free demo of our template at this link: https://advisera.com/27001academy/documentation/statement-of-acceptance-of-isms-documents/

This article will provide you with a further explanation about roles and responsibilities:
- How to document roles and responsibilities according to ISO 27001 https://advisera.com/27001academy/blog/2016/06/20/how-to-document-roles-and-responsibilities-according-to-iso-27001/

These materials will also help you regarding roles and responsibilities:
- Book Secure & Simple: A Small-Business Guide to Implementing ISO 27001 On Your Own https://advisera.com/books/secure-and-simple-a-small-business-guide-to-implementing-iso-27001-on-your-own/
- Free online training ISO 27001 Foundations Course https://training.advisera.com/course/iso-27001-foundations-course/
