Policies specific to HR & Admin
Documents related to Annex A sections A.7 and A.11 are:
For section A.7:
- Confidentiality statement
- Statement of acceptance of ISMS documents
For section A.11:
- Clear desk and clear screen policy
- Disposal and destruction policy
- Procedures for working in security areas
Please note that Conformio provides all mandatory documents and some documents that are not mandatory but are commonly adopted by organizations. Some of the controls of the sections you mentioned do not need to be documented according to the standard, and in our opinion, it would be an overhead to document each and every one of them in a small company.
Regarding progress mapping, please note you can find information on required documents progress in section “Reporting dashboard” >> “ISO 27001 Project Status Dashboard” >> “View more stats”. These documents cover those defined as mandatory by the standard and those related to the controls you stated as applicable in the Statement of Applicability. Regarding a specific mapping of documents and clauses and controls, this is an improvement feature we are working on, to be released soon.
This article will also help you:
- List of mandatory documents required by ISO 27001 (2013 revision) https://advisera.com/27001academy/knowledgebase/list-of-mandatory-documents-required-by-iso-27001-2013-revision/
Hi, Could you please clarify what you mean by "Statement of acceptance of ISMS documents"?
The "Statement of acceptance of ISMS documents" is the way used to require employees to observe all the documents prescribed by the organization in its information security management system.
In Conformio there is no such document because the information about which user read which document is tracked automatically by the platform and can be accessed when needed (i.e., instead of a static document which needs to be signed every time a new document is released, in Conformio this information is provided automatically as soon as the user reads the document).
You can see the details about which document was read, or not, by which user in the Responsibility Matrix, using the filter “One-time tasks” and searching for the title “Please read the document…”.
Additionally, this information can also be tracked within each step in the wizard by checking the Version history for this document.
Jan 28, 2022