ISO templates - HR Policy
Can you please help me to find my HR Policy and Awareness? I couldn't locate it in the templates.
Assign topic to the user
Please note that ISO 27001 does not require an HR Policy, neither this is a commonly adopted document for ISO 27001 ISMS implementations. Commonly adopted controls related to Human Resources (controls from section A.7 of ISO 27001 Annex A) are covered by these templates:
- Confidentiality Statement, located in folder 08 Annex A Security Controls >> A.7 Human Resource Security
- Statement of Acceptance of ISMS Documents, located in folder 08 Annex A Security Controls >> A.7 Human Resource Security
- Supplier Security Policy, located in folder 08 Annex A Security Controls >> A.15 Supplier Relationships
- Security Clauses for Suppliers and Partners, located in folder 08 Annex A Security Controls >> A.15 Supplier Relationships
- Incident Management Procedure, located in folder 08 Annex A Security Controls >> A.16 Information Security Incident Management
Regarding awareness, the template you need is the Training and Awareness Plan, located in folder 08 Annex A Security Controls >> 09 Training and Awareness
For further information, see:
- How to perform training & awareness for ISO 27001 and ISO 22301 https://advisera.com/27001academy/blog/2014/05/19/how-to-perform-training-awareness-for-iso-27001-and-iso-22301/
- 8 Security Practices to Use in Your Employee Training and Awareness Program https://advisera.com/27001academy/blog/2015/03/02/8-security-practices-to-use-in-your-employee-training-and-awareness-program/
This material will also help you regarding awareness and training:
- Free Security Awareness Training: https://advisera.com/training-account/security-awareness-training/ - this is a series of 35 videos that cover various topics related to security.
Comment as guest or Sign in
Feb 04, 2021