Expert Advice Community

Guest

ISO sign off on staff policy

  Quote
Guest
Guest user Created:   Nov 18, 2022 Last commented:   Nov 21, 2022

ISO sign off on staff policy

ISO 27001 requires that staff sign off on policies that have been distributed to them and that are applicable to them.
 
I couldn’t find a mechanism in Conformio that provides a mechanism for this.

Can you please let me know how to handle this requirement?

Assign topic to the user

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

Expert
Rhand Leal Nov 18, 2022

Please note that ISO 27001 requires that people are aware of policies that are relevant to them (i.e., sign off is not required).

In Conformio, when using the document wizard to develop a policy or procedure, you can define which users need to read a document. A notification is sent to them, and when they open the document, this action will be logged in the system, so you can provide the logs as evidence.

Another way to do that is through the My Work dashboard (the link to it is provided on the left side panel on Conformio main screen), from where you can define tasks to others (like, read policy XYZ) and monitor if they were performed or not.

Quote
0 0
Benjamin W. Nov 18, 2022

How can I access the logs to provide them as evidence?

Quote
0 0
Expert
Rhand Leal Nov 21, 2022

You can access these logs through the Responsibility Matrix, which you can access through the link in the left side panel of your screen.

In the Responsibility Matrix screen, you can filter the logs by “One task” and search for activities titled “Please read the document…”

For each line, you can identify, using the colored indicators, if the document was read or not.

Quote
0 0

Comment as guest or Sign in

HTML tags are not allowed

Nov 18, 2022

Nov 21, 2022

Suggested Topics