Expert Advice Community

Questions about documents

Guest user Created:   Sep 05, 2019 Last commented:   Sep 05, 2019

First question: I was wondering if the Privacy Policy document is included with the ISO 27001/22301... or if it is only included with the EU GDPR. If only included with GDPR, can I use that privacy policy for all our ISMS/BCMS needs as well?

Expert
Rhand Leal Sep 05, 2019

Answer: I'm assuming you are referring to the Website Privacy Policy.

Considering that, this template is part of the following toolkits:
- EU GDPR & ISO 27001 Integrated Documentation Toolkit
- GDPR Mini Toolkit for Websites
- EU GDPR Premium Documentation Toolkit

The document in the EU GDPR Premium Documentation Toolkit can be customized by you to fulfill your needs related to ISMS/BCMS. The document included in the EU GDPR & ISO 27001 Integrated Documentation Toolkit already has the adjustments to be compliant with ISO 27001.

Second question: Can I use ISO 27001/22301 documents for BOTH ISMS and BCMS, referencing both ISMS and BCMS in the same document... or must I use the documents for one or the other, but not both?

Answer: Some documents in the ISO 27001 & ISO 22301 Premium Documentation Toolkit are common for both ISMS and BCMS (e.g., Document control procedure and Internal audit Procedure), or can be used to support both systems, so it is possible to use these documents for both systems.

Included in your toolkit there is a List of Documents file which shows which clauses of both standards are covered by each document. Another way to identify this common use is by the commentaries included in each template. Some comments specifically identify which text can be adjusted so the document can cover both standards.

For further information about integrating ISO management systems, please read:
- How to implement integrated management systems https://advisera.com/27001academy/blog/2015/10/05/how-to-implement-integrated-management-systems/
- ISO 27001 & ISO 22301: Why is it better to implement them together? [free webinar on demand] https://advisera.com/27001academy/webinar/iso-27001-iso-22301-better-implement-together-free-webinar-demand/