Guest user Created: Jun 14, 2016 Last commented: Jun 14, 2016

Policies and procedures

I need a little understanding on Policy mapping. As per ISO 27001; we have a list if policies for establishing Information Security. However, Please help me to know the correct approach to map policy and procedure documents to the Master policy of the organization. One-to-one or direct, is there any mapping mechanism that can be followed? Or say to the Scope of ISMS document. Please guide me through it.

0 0

Assign topic to the user

Select user

Guest

Antonio Jose Segovia Jun 14, 2016

Answer:
I am sorry but the standard ISO 27001:2013 does not require to map policies with procedures, but you need to develop various mandatory documents, which you can see them here “List of mandatory documents required by ISO 27001 (2013 revision)” : https://advisera.com/27001academy/knowledgebase/list-of-mandatory-documents-required-by-iso-27001-2013-revision/

This article can be also interesting for you “How to structure documents for ISO 27001 Annex A controls” : https://advisera.com/27001academy/blog/2014/11/03/how-to-structure-the-documents-for-iso-27001-annex-a-controls/

And our online course can be also interesting for you becaus e we give more information about the documents of ISO 27001 “ISO 27001:2013 Foundations Course” : https://advisera.com/training/iso-27001-foundations-course/

Quote

0 0

Comment as guest or Sign in

HTML tags are not allowed

Name *

Email *

I accept the Privacy and Terms

Notify me when someone replies

Jun 14, 2016

Expert Advice Community