Expert Advice Community

Guest

ISO 27001 - Policy for permitted use / Policy for information transfer

  Quote
Guest
Guest user Created:   Jul 24, 2019 Last commented:   Jul 24, 2019

ISO 27001 - Policy for permitted use / Policy for information transfer

I have a question about chapter 4 - "management of records relating to this document“ (inside the policy for permitted use).
0 0

Assign topic to the user

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

Expert
Rhand Leal Jul 24, 2019

The policy for permitted use contains the record of permitted communication channels. The same record I already added to the policy for information transfer. The policy for permitted use refers to the other policy, which contains the record. In my opinion I would be able to delete the record in the policy for permitted use (if it’s already in the policy for information transfer). Is that correct?

Answer: Please note that section 3.6 of the Policy for permitted use (which refers to information transfer) must be kept only if you do not use the Policy for information transfer. In case the Policy for information transfer is a separated document you can delete section 3.6 and this related record from the Policy for permitted use. This way information about information transfer will be only in one document, minimizing risks of conflicting information.
Quote
0 0

Comment as guest or Sign in

HTML tags are not allowed

Jul 24, 2019

Jul 24, 2019

Suggested Topics