Guest
ISO 27001 certification
What are the requirements for a company to have this certification?
Expert
Rhand Leal
Nov 09, 2020
What are the requirements for a company to have this certification?
Broadly speaking, to be ready for ISO certification, an organization needs to:
- get support for the project (through approval of the ISMS project plan) and approval of the Procedure for Document and Record Control;
- define the ISMS basic framework (e.g., scope, objectives, organizational structure), by understanding the organizational context and requirements of interested parties;
- develop risk assessment and treatment methodology;
- perform a risk assessment and define the risk treatment plan;
- implement controls (e.g., policies and procedures documentation, acquisitions, etc.);
- perform people training and awareness;
- operate controls;
- perform monitoring and measurement;
- perform an internal audit;
- perform management critical review; and
- address nonconformities, corrective actions, and opportunities for improvement.
This article will provide you with further explanation about ISMS implementation:
- ISO 27001 implementation checklist https://advisera.com/27001academy/knowledgebase/iso-27001-implementation-checklist/