ISO documentation
Assign topic to the user
The first thing you need to do is review the organizational context, identify which internal or external issues have changed and after that review the risk assessment, to identify if new risks have arisen or if current risks have changed, so you can perform required adjustments.
Specifically for ISO 27001, you will need to update the Statement of Applicability and the Risk Treatment Plan.
ISO 9001 documents to be updated will vary according to the results of risk assessment.
This article will provide you a further explanation about SoA:
- The importance of Statement of Applicability for ISO 27001 https://advisera.com/27001academy/knowledgebase/the-importance-of-statement-of-applicability-for-iso-27001/
These materials will provide you more information about what to consider in regard to work from home, and pandemic:
- What to include in an ISO 27001 remote access policy https://advisera.com/27001academy/blog/2019/04/23/iso-27001-remote-access-policy-how-to-develop-it/
- Checklist of cyber threats & safeguards when working from home (PDF) https://info.advisera.com/27001academy/free-download/checklist-of-cyber-threats-and-safeguards-when-working-from-home
- How to use ISO standards to address a pandemic https://advisera.com/articles/how-to-use-iso-standards-to-address-a-pandemic/
- How to perform an internal audit remotely [free webinar on demand] https://advisera.com/27001academy/webinar/remote-internal-audit-free-webinar-on-demand/
- How to use ISO 27001 to secure data when working remotely [free webinar] https://advisera.com/27001academy/webinar/how-to-use-iso-27001-to-secure-data-when-working-remotely-free-webinar-on-demand/
- How to use ISO 9001 to control operations during the pandemic [free webinar] https://advisera.com/9001academy/webinar/how-to-use-iso-9001-to-control-operations-during-the-pandemic-free-webinar/
Comment as guest or Sign in
Oct 08, 2020