Expert Advice Community

Guest

Management representative in ISMS

  Quote
Guest
Guest user Created:   Jan 23, 2018 Last commented:   Jan 23, 2018

Management representative in ISMS

My question is about roles and responsibilities in 27001. What do you think Management Representative's (MR) position in ISMS. If we have CISO, Do we still need MR. If we have both of them, what is the difference between their responsibilities.
0 0

Assign topic to the user

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

Expert
Rhand Leal Jan 23, 2018

Answer: The Management Representative is not a required role in the ISMS by ISO 27001, but an organization can assign one if it understands it can make its ISMS work better (for some scenarios, a person dedicated to the specific activities of the management system can better ensure and improve its results).

A CISO can assume the role of MR in an ISMS in case of need (if you have only ISO 27001 our recommendation would be to have only CISO.), but in organizations with multiple ISO management systems, maybe it is better to have CISO and MR as separated roles, because as MR must be competent on the requirements of the multiple management systems the organization has, the CISO is specialized in Information Security, and maybe overwhelmed by activities regarding other managements systems.

Thiese articl es will provide you further explanation about Management Representative and CISO:
- What is the job of Chief Information Security Officer (CISO) in ISO 27001? https://advisera.com/27001academy/knowledgebase/what-is-the-job-of-chief-information-security-officer-ciso-in-iso-27001/
- Chief Information Security Officer (CISO) – where does he belong in an org chart? https://advisera.com/27001academy/blog/2012/09/11/chief-information-security-officer-ciso-where-does-he-belong-in-an-org-chart/
- What will be the destiny of the management representative in the new ISO 9001:2015? https://advisera.com/9001academy/knowledgebase/what-will-be-the-destiny-of-the-management-representative-in-the-new-iso-90012015/

Quote
0 0

Comment as guest or Sign in

HTML tags are not allowed

Jan 23, 2018

Jan 23, 2018

Suggested Topics

Guest user Created:   Jul 21, 2022 ISO 27001 & 22301
Replies: 1
0 0

Question about GRC committee

Guest user Created:   Mar 22, 2018 ISO 27001 & 22301
Replies: 1
0 0

GRC questons