Expert Advice Community

Guest

Organizational context identification

  Quote
Guest
Guest user Created:   Feb 18, 2017 Last commented:   Feb 18, 2017

Organizational context identification

My main 'job' is to find out where my organization stands and what they should do in order to get ISO27001 certified. Do you have any tips or directions or questions that I should keep in mind while trying to gather as much information about the company as possible?
0 0

Assign topic to the user

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

Expert
Rhand Leal Feb 18, 2017

Answer: Following the sequence recommend to implement an ISMS, you should start identifying the organizational context, the internal and external issues considered most relevant to ISMS (e.g., geographical location, organizational culture, public infrastructure available, etc.), and the interested parties, the relevant people with interest in ISMS results (e.g., clients, suppliers, top management, employees, etc). By knowing the internal and external issues interested parties, you can start think about which kind of questions you should ask.

This article will provide you further explanation about recommend steps to implement an ISMS:
- ISO 27001 implementation checklist https://advisera.com/27001academy/knowledgebase/iso-27001-implementation-checklist/

These articles will provi de you further explanation about organizational context identification:
- Explanation of ISO 27001:2013 clause 4.1 (Understanding the organization) https://advisera.com/27001academy/knowledgebase/how-to-define-context-of-the-organization-according-to-iso-27001/
- How to identify interested parties according to ISO 27001 and ISO 22301 https://advisera.com/27001academy/knowledgebase/how-to-identify-interested-parties-according-to-iso-27001-and-iso-22301//
- How to identify ISMS requirements of interested parties in ISO 27001 https://advisera.com/27001academy/blog/2017/02/06/how-to-identify-isms-requirements-of-interested-parties-in-iso-27001/
- How to define the ISMS scope https://advisera.com/27001academy/knowledgebase/how-to-define-the-isms-scope/

These materials will also help you regarding organizational context identification and recommend steps to implement an ISMS:
- Book Secure & Simple: A Small-Business Guide to Implementing ISO 27001 On Your Own https://advisera.com/books/secure-and-simple-a-small-business-guide-to-implementing-iso-27001-on-your-own/
- Free online training ISO 27001 Foundations Course https://training.advisera.com/course/iso-27001-foundations-course/
Quote
0 0

Comment as guest or Sign in

HTML tags are not allowed

Feb 18, 2017

Feb 18, 2017