Expert Advice Community

Guest

Policies and procedures

  Quote
Guest
Guest user Created:   Jun 14, 2016 Last commented:   Jun 14, 2016

Policies and procedures

I need a little understanding on Policy mapping. As per ISO 27001; we have a list if policies for establishing Information Security. However, Please help me to know the correct approach to map policy and procedure documents to the Master policy of the organization. One-to-one or direct, is there any mapping mechanism that can be followed? Or say to the Scope of ISMS document. Please guide me through it.
0 0

Assign topic to the user

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

Guest
Antonio Jose Segovia Jun 14, 2016

Answer:
I am sorry but the standard ISO 27001:2013 does not require to map policies with procedures, but you need to develop various mandatory documents, which you can see them here “List of mandatory documents required by ISO 27001 (2013 revision)” : https://advisera.com/27001academy/knowledgebase/list-of-mandatory-documents-required-by-iso-27001-2013-revision/

This article can be also interesting for you “How to structure documents for ISO 27001 Annex A controls” : https://advisera.com/27001academy/blog/2014/11/03/how-to-structure-the-documents-for-iso-27001-annex-a-controls/

And our online course can be also interesting for you becaus e we give more information about the documents of ISO 27001 “ISO 27001:2013 Foundations Course” : https://advisera.com/training/iso-27001-foundations-course/

Quote
0 0

Comment as guest or Sign in

HTML tags are not allowed

Jun 14, 2016

Jun 14, 2016