Policies approval
Assign topic to the user
Answer: In general the Company Director (or the highest position in the company) signs the high level policies (those policies that have overall impact through the organization, like the Quality Management Policy and the Information Security Policy), while other directors or managers sign the remaining policies (known as low level or second level policies), according to their scope (e.g., IT director signs the Password and Backup policies, and the Purchase manager sings the Supplier Management Policy).
This article will provide you further explanation about management responsibilities:
- Roles and responsibilities of top management in ISO 27001 and ISO 22301 https://advisera.com/27001academy/blog/2014/06/09/roles-and-responsibilities-of-top-management-in-iso-27001-and-iso-22301/
This material will also help you regarding do cument management:
- Managing ISO Documentation: A Plain English Guide https://advisera.com/books/managing-iso-documentation-plain-english-guide/
Comment as guest or Sign in
Jan 28, 2018