IT Code of Conduct and ISO 27001:2013
Assign topic to the user
Answer: Generally, an organizational Code of Conduct covers rules, norms, practices and responsibilities to be followed by individuals or other organizations, aiming to protect the business and inform these parties of the organization's expectations. The content of a Code of Conduct should be aligned with an organization expects and considers proper behaviour.
Considering this, in the context of ISO 27001:2013, I would recommend you to take a look at our Acceptable Use Policy, which can be accessed here https://advisera.com/27001academy/documentation/it-security-policy/ .
This article will provide you further explanation about what to consider to implement an IT Code of Conduct and other policies:
- Seven steps for implementing policies and procedures https://advisera.com/27001academy/knowledgebase/seven-steps-for-implementing-policies-and-procedures//
These materials will also help you regarding IT Code of Conduct and other policies:
- Book Secure & Simple: A Small-Business Guide to Implementing ISO 27001 On Your
Own https://advisera.com/books/secure-and-simple-a-small-business-guide-to-implementing-iso-27001-on-your-own/
- Free online training ISO 27001 Foundations Course
https://advisera.com/training/iso-27001-foundations-course/
Comment as guest or Sign in
Nov 21, 2016