SPRING DISCOUNT
Get 30% off on toolkits, course exams, and Conformio yearly plans.
Limited-time offer – ends April 25, 2024
Use promo code:
SPRING30

Expert Advice Community

Home / ISO 27001 & 22301 / Operating procedures for IT Management

Guest

Operating procedures for IT Management

ISO 27001 & 22301
  Quote
Guest
Guest user Created:   Jan 12, 2016 Last commented:   Jan 12, 2016

Operating procedures for IT Management

ISO 27001 & 22301
I read in your checklist of mandatory documents and you wrote A.12 Operating Procedures for IT Management. Is it only for IT or should Non-IT procedures be documented as well?
0 0

Assign topic to the user

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.
Guest
AntonioS Jan 12, 2016

There are some domains of control that are not related to IT. Example: A.7 Human Resource Security and A.15 Supplier relationships. But A.12 is directly related with IT because has controls about backups, malware, monitoring, technical vulnerabilities, etc.
 
Remember that there are a list of documentes that you need to be compliant with ISO 27001, and one of this is related to the control A.12.1.1 “Operating procedures for IT management”. To see this list, please read this article (you also can see a list of Non-mandatory documents) “List of mandatory documents required by ISO 27001 (2013 revision)”: https://advisera.com/27001academy/knowledgebase/list-of-mandatory-documents-required-by-iso-27001-2013-revision/

Quote
0 0

Comment as guest or Sign in

HTML tags are not allowed

Jan 12, 2016

Jan 12, 2016

Suggested Topics
Guest user Created:   Oct 09, 2021 ISO 27001 & 22301
Replies: 1
0 0

Question about Operating Procedures for IT Management.
Guest user Created:   Apr 22, 2021 ISO 27001 & 22301
Replies: 3
0 0

Conformio documentation access
Guest user Created:   Feb 25, 2019 ISO 27001 & 22301
Replies: 1
0 0

Template content