Guest user Created: May 09, 2019 Last commented: May 09, 2019

ISO documents for IT

1. Our company has ISO 9001-2015 however as IT Department, we are constantly audited beyond the scope of the ISO 9001. For that reason, I think that ISO 27001 documents are the ones that we need to cover everything and anticipate future audit. My requirement for report is to know if a procedure exist for reports demand from the IT and the restriction that follow these procedures.

0 0

Assign topic to the user

Select user

Expert

Dejan Kosutic May 09, 2019

Answer: ISO 27001 does not prescribe a standardized reporting procedure or any other similar document, however it does list mandatory and suggested documents you might use - here is an article that might help you:
List of mandatory documents required by ISO 27001 (2013 revision) https://advisera.com/27001academy/knowledgebase/list-of-mandatory-documents-required-by-iso-27001-2013-revision/

2. On the other hand, may you guide us which ISO documents best suites us a IT .

Answer: If your question is about which standards might be the most suitable for IT, here are the 3 most popular:
- ISO 27001 (information security) https://advisera.com/27001academy/what-is-iso-27001/
- ISO 22301 (business continuity) https://advisera.com/27001academy/what-is-iso-22301/
- ISO 20000 (IT service management) https://advisera.com/20000academy/what-is-iso-20000/

If your question is about which IT documents to use for ISO 27001, here’s an article that can help you: How to structure the documents for ISO 27001 Annex A controls https://advisera.com/27001academy/blog/2014/11/03/how-to-structure-the-documents-for-iso-27001-annex-a-controls/

Quote

0 0

Comment as guest or Sign in

HTML tags are not allowed

Name *

Email *

I accept the Privacy and Terms

Notify me when someone replies

May 09, 2019

Expert Advice Community