Leadership requirements
Ya hice la fase de diagnóstico, en la parte de implementación hice macromejoras para abarcar los puntos que no cumple la institución, en una macromejora tengo la parte de liderazgo, que puedo desarrollar para cumplir los asquectos de liderazgo? Tomando en cuenta que el proceso es de lotería impresa.
Assign topic to the user
(I have already done the diagnostic phase, in the implementation part I have made macro improvements to cover the points that the institution does not meet, in a macro improvement I have the leadership part, what can I develop to fulfill the leadership aspects? Taking into account that the process is a printed lottery
First is important to note that ISO 27001 requirements for leadership are the same regardless of the organization industry and size, so there are no additions or exclusions regarding a printed lottery process.
Considering that, to cover leadership requirements you must:
- develop an information security policy and define information security objectives, aligned with business strategies
- engage personnel around information security initiatives
- define and communicate responsibilities and authorities for relevant roles to information security
To see how an Information Security Policy looks like, please see this link: https://advisera.com/27001academy/documentation/information-security-policy/
These articles will provide you further explanation about leadership requirements:
- What should you write in your Information Security Policy according to ISO 27001? https://advisera.com/27001academy/blog/2016/05/30/what-should-you-write-in-your-information-security-policy-according-to-iso-27001/
- Aligning information security with the strategic direction of a company according to ISO 27001 https://advisera.com/27001academy/blog/2017/02/20/strategic-direction-of-a-company-according-to-iso-27001/
- How to document roles and responsibilities according to ISO 27001 https://advisera.com/27001academy/blog/2016/06/20/how-to-document-roles-and-responsibilities-according-to-iso-27001/
- Why is management review important for ISO 27001 and ISO 22301? https://advisera.com/27001academy/blog/2014/03/03/why-is-management-review-important-for-iso-27001-and-iso-22301/
Comment as guest or Sign in
Apr 14, 2020