Missing documents
Assign topic to the user
Please note that controls A.12.4.1 (Event logging) and A.12.4.3 (Administrator and operator logs) are covered in template “Security Procedures for IT Department”, located in folder 08_Annex_A_Security_Controls >> A.12_Operations_Security
Regarding controls A.12.4.2 (Protection of log information) and A.12.4.4 (Clock synchronization), please note the ISO 27001 does not require every applicable control to be documented, and in such cases, a short explanation about its implementation included in the Statement of Applicability will be enough (you can find documented information about these controls in the SoA template located in folder 06 Applicability of Controls).
This article will provide you a further explanation about controls documentation:
- How to structure the documents for ISO 27001 Annex A controls https://advisera.com/27001academy/blog/2014/11/03/how-to-structure-the-documents-for-iso-27001-annex-a-controls/
Comment as guest or Sign in
Jul 09, 2021