ISO sign off on staff policy
ISO 27001 requires that staff sign off on policies that have been distributed to them and that are applicable to them.
I couldn’t find a mechanism in Conformio that provides a mechanism for this.
Can you please let me know how to handle this requirement?
Please note that ISO 27001 requires that people are aware of policies that are relevant to them (i.e., sign off is not required).
In Conformio, when using the document wizard to develop a policy or procedure, you can define which users need to read a document. A notification is sent to them, and when they open the document, this action will be logged in the system, so you can provide the logs as evidence.
Another way to do that is through the My Work dashboard (the link to it is provided on the left side panel on the Conformio main screen), from where you can define tasks for others (like, read policy XYZ) and monitor if they were performed or not.
You can access these logs through the Responsibility Matrix, which you can access through the link in the left side panel of your screen.
In the Responsibility Matrix screen, you can filter the logs by “One task” and search for activities titled “Please read the document…”
For each line, you can identify, using the colored indicators, if the document was read or not.
Nov 21, 2022