Take the ISO 27001 course exam and get the EU GDPR course exam for free
LIMITED-TIME OFFER – VALID UNTIL SEPTEMBER 30, 2021

Expert Advice Community

Guest

Question about ISO 27001 and ISO 27002

  Quote
Guest
Guest user Created:   Aug 30, 2021 Last commented:   Aug 30, 2021

Question about ISO 27001 and ISO 27002

As far as I understand ISO doesn't dictate us to compliance with 27002
Does these 45 documents in the toolkit covers all 26 requirement management system and 114 control points?
I'm asking 27002 because I don't know if ISO will ask me if I have some installation, management or monitoring procedures for systems. We don't have such time to prepare it. If this is not the case, we are ok I believe.

0 0

Assign topic to the user

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

Expert
Rhand Leal Aug 30, 2021

I’m assuming you are referring to ISO 27001 documentation toolkit.

First is important to note that ISO does not evaluate organizations against its standards. This role is performed by certification bodies.

Considering that, compliance with ISO 27002 is not required for certification against ISO 27001.

Regarding toolkit documents, they cover all mandatory requirements and the most commonly applied controls. ISO 27001 does not prescribe that there must be a document for each control. Controls are selected based on the results of risk assessment and applicable legal requirements.   

For more information, see:

This way we avoid make our documentation unnecessarily complex to use and maintain.

This article will provide you a further explanation about mandatory and most commonly used documents for ISO 27001 (all these are included in your toolkit):

Quote
0 0

Comment as guest or Sign in

HTML tags are not allowed

Aug 30, 2021

Aug 30, 2021