Expert Advice Community

Guest

ISO 27001 applicability with company departments

  Quote
Guest
Ankur Ahuja Created:   Nov 01, 2021 Last commented:   Nov 03, 2021

ISO 27001 applicability with company departments

How ISO 27001 is applicable at different departments of an organisation?
0 0

Assign topic to the user

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

Expert
Rhand Leal Nov 03, 2021

ISO 27001 is focused on information protection, so regardless of the department's purposes, the approach will be the same: information security risks are assessed, and the ones considered relevant are treated considering at least controls listed in the standard’s Annex A.

Controls from ISO 27001 Annex A cover technical, physical, and administrative aspects of information security considering a wide range of organizational aspects, like Human Resources, Information Technology, and Physical environment.

For example, for an HR department, ISO 27001 may focus on the protection of employees’ information. For an R&D department, information related to the organization or customer’s projects can be the scope. Finally, for an IT department, ISO 27001 can be used to protect information and communication systems.

These articles will provide you a further explanation about ISO 27001:

These materials will also help you regarding ISO 27001:

Quote
0 0

Comment as guest or Sign in

HTML tags are not allowed

Nov 01, 2021

Nov 03, 2021