SPRING DISCOUNT
Get 30% off on toolkits, course exams, and books.
Limited-time offer – ends May 26, 2022
Use promo code:
SPRING30

Expert Advice Community

Guest

Procedure for document control and ISO 27002 controls

  Quote
Guest
Guest user Created:   Apr 08, 2017 Last commented:   Apr 08, 2017

Procedure for document control and ISO 27002 controls

Re 27002 code of practice. would it matter if i listed my document control procedure as an asset under 8. Asset Management or as an operational security measure 12 Operations Security? what is best
0 0

Assign topic to the user

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

Expert
Dejan Kosutic Apr 08, 2017

Answer: Actually, procedure for document control is related to the management part of information security - i.e. it is related to the main part of ISO 27001, and not to security controls listed in ISO 27002.

So in my opinion, it wouldn't make sense to try to fit it anywhere in ISO 27002 controls - document control belongs to the management part of information security.

These articles will help you:
- ISO 27001 vs ISO 27002 https://advisera.com/27001academy/knowledgebase/iso-27001-vs-iso-27002/
- Document management in ISO 27001 & BS 25999-2 https://advisera.com/27001academy/blog/2010/03/30/document-management-within-iso-27001-bs-25999-2/

These materials will also help you regarding document management:
- book Managing ISO Documentation: A Plain English Guide https://advisera.com/books/managing-iso-documentation-plain-english-guide/
- Free o nline training ISO 27001 Foundations Course
https://training.advisera.com/course/iso-27001-foundations-course/
Quote
0 0

Comment as guest or Sign in

HTML tags are not allowed

Apr 08, 2017

Apr 08, 2017