Get 2 Documentation Toolkits for the price of 1
Limited-time offer – ends March 28, 2024

Expert Advice Community

Question about the ISO 27001 controls

  Quote
Created:   Sep 29, 2020 Last commented:   Sep 29, 2020

Question about the ISO 27001 controls

 He comparado el clausulado de la norma ISO/IEC 27001 contra el clausulado utilizado en los documentos y he notado que no están desarrollados los 114 controles.

El objetivo es documentar los 114 controles sin excepción, esto debido a que el resultado de la documentación a nivel 1 será revisado por una empresa del gobierno de mi país.

(I have compared the clauses of the ISO / IEC 27001 standard against the clauses used in the documents and I have noticed that the 114 controls are not developed.

The objective is to document the 114 controls without exception, this because the result of the documentation at level 1 will be reviewed by a company of the government of my country.)

0 0

Assign topic to the user

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

Expert
Rhand Leal Sep 29, 2020

Please  note that Advisera's ISO 27001 Documentation Toolkit does not have a document for each and every control from ISO 27001 because of the following reasons:
1) ISO 27001 does not require each and every control to be documented
2) If the toolkit had a document for each control, there would be too many documents, and this would be an overkill for smaller and mid-size companies.

Since our target are SMEs, we have decided to include an optimum amount of documents for companies of this size - the toolkit includes:
- All the mandatory documents - e.g. Information Security Policy, Statement of Applicability, Risk Assessment Methodology, Access Control Policy, etc.
- Documents that are not mandatory, but are commonly used - e.g. BYOD Policy, Classification Policy, Password Policy, Backup Policy, etc.

If your specific circumstances are such that you need a document for each control, you can add the documents that are not part of our ISO 27001 Documentation Toolkit, or you should look for toolkits from other providers that are targeted at larger companies, that have documents for each control.

If your specific circumstances are such that you need a document for each control, you can add the documents that are not part of our ISO 27001 Documentation Toolkit, or you should look for toolkits from other providers that are targeted at larger companies, that have documents for each control.

Quote
0 0

Comment as guest or Sign in

HTML tags are not allowed

Sep 29, 2020

Sep 29, 2020

Suggested Topics