Guest
Procedure for document control and ISO 27002 controls
Re 27002 code of practice. would it matter if i listed my document control procedure as an asset under 8. Asset Management or as an operational security measure 12 Operations Security? what is best
Assign topic to the user
ISO 27001 DOCUMENTATION TOOLKIT
Step-by-step implementation for smaller companies.
Find out more 
ISO 27001 DOCUMENTATION TOOLKIT
Step-by-step implementation for smaller companies.
Find out more
ISO 27001 DOCUMENTATION TOOLKIT
Step-by-step implementation for smaller companies.
Find out more
Expert
Dejan Kosutic
Apr 08, 2017
Answer: Actually, procedure for document control is related to the management part of information security - i.e. it is related to the main part of ISO 27001, and not to security controls listed in ISO 27002.
So in my opinion, it wouldn't make sense to try to fit it anywhere in ISO 27002 controls - document control belongs to the management part of information security.
These articles will help you:
- ISO 27001 vs ISO 27002 https://advisera.com/27001academy/knowledgebase/iso-27001-vs-iso-27002/
- Document management in ISO 27001 & BS 25999-2 https://advisera.com/27001academy/blog/2010/03/30/document-management-within-iso-27001-bs-25999-2/
These materials will also help you regarding document management:
- book Managing ISO Documentation: A Plain English Guide https://advisera.com/books/managing-iso-documentation-plain-english-guide/
- Free o nline training ISO 27001 Foundations Course
https://advisera.com/training/iso-27001-foundations-course/
Comment as guest or Sign in
Apr 08, 2017
Apr 08, 2017
Apr 08, 2017