SPRING DISCOUNT
Get 30% off on toolkits, course exams, and books.
Limited-time offer – ends May 26, 2022
Use promo code:
SPRING30

Expert Advice Community

Guest

IT policy development

  Quote
Guest
Guest user Created:   Dec 19, 2017 Last commented:   Dec 19, 2017

IT policy development

Hi Dejan, I would appreciate you can share with me 'ISO 27001' the what, how, why, IT security related knowledge and other subject matters that I must consider when writing IT Policy for a regional company with presence in 6 countries in Asiapac with DataCenter in 3 countries, Cloud, stores in 6 countries, on premise servers, etc.
0 0

Assign topic to the user

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

Expert
Rhand Leal Dec 19, 2017

Answer: According to ISO 27001, the main issues you should consider in the development of policies and procedures are: legal requirements (e.g., laws and contracts), results of risk assessments and top management decisions (e.g., decisions based on strategic or operational plans and objectives).

Considering your specific scenario, you also should consider a cross evaluation of the requirements related to each country involved, as well as the contracts related to cloud providers (e.g., cloud providers may have operations in additional countries that also should be evaluated.

I suggest you to take a look at the free demo of our Operating Procedures for Information and Communication Technology at this link: https: //advisera.com/27001academy/documentation/operating-procedures-for-information-and-communication-technology/

This document will give you an idea on ahat to consider to to ensure correct and secure functioning of information and communication technology.

This article will provide you further explanation about policy development:
- Seven steps for implementing policies and procedures https://advisera.com/27001academy/knowledgebase/seven-steps-for-implementing-policies-and-procedures//

These materials will also help you regarding policy development:
- Book Secure & Simple: A Small-Business Guide to Implementing ISO 27001 On Your Own https://advisera.com/books/secure-and-simple-a-small-business-guide-to-implementing-iso-27001-on-your-own/
- Free online training ISO 27001 Foundations Course https://training.advisera.com/course/iso-27001-foundations-course/
Quote
0 0

Comment as guest or Sign in

HTML tags are not allowed

Dec 19, 2017

Dec 19, 2017

Suggested Topics

Guest user Created:   Nov 29, 2019 ISO 27001 & 22301
Replies: 1
0 0

Policy for secure development

Guest user Created:   Jun 12, 2019 ISO 27001 & 22301
Replies: 1
0 0

Secure Development Policy

Guest user Created:   Feb 22, 2019 ISO 27001 & 22301
Replies: 1
0 0

Policy development