Guest user Created: Jan 12, 2016 Last commented: Jan 12, 2016

ISO 27001 for a Data Center

A company wants to get certified for ISO 27001:2013 for their Data Center only. What would be the steps to achieve this? What is the implication on the Statement of Applicability document? Thank you in advance for your reply.

0 0

Assign topic to the user

Select user

Guest

AntonioS Jan 12, 2016

It is quite common that a company wants to certify its data center. To do this, you need to think about this like a project, so basically the first thing that you need is a project plan. Please read this article for more information about this ISO 27001 project How to make it work": https://advisera.com/27001academy/blog/2013/04/22/iso-27001-project-how-to-make-it-work/

About the Statement of Applicability, it is one of the more important documents in the ISMS for any company, because basically is a list of controls with the applicability of each one (which are applicable and and which are not). So, you can write this document only after the execution of the risk assessment & risk treatment. To know more about the main activities that you need to perform in the implementation of the ISMS please re ad this article ISO 27001 implementation checklist" : https://advisera.com/27001academy/knowledgebase/iso-27001-implementation-checklist/

Quote

0 0

Comment as guest or Sign in

HTML tags are not allowed

Name *

Email *

I accept the Privacy and Terms

Notify me when someone replies

Jan 12, 2016

Expert Advice Community