
Questions regarding ISO 27001 documentation

Guest user. Created: Aug 30, 2021. Last commented: Aug 30, 2021.


Dear all,

I’m writing to you on behalf of the company *** and its CEO ***, who bought the toolkit.

We would like to ask you for some help regarding the possibility of using the following sentence in the compilation of the ISO 27001 documents:

1 - Regarding the users (destinatari in Italian), in your documents the term used is employees of the company. Since other subjects could be involved in the politics and procedures, we were wondering if we could use the following sentence for all the documents:

Destinatari di questo documento sono tutte le persone che rientrano nel perimetro di applicabilità del SGSI di ***.

Translated into English: The users of this document are the subjects who are included within the perimeter/scope of the company ISMS applicability.

2 - The second question:

Within the Documentation in A.9.1 Politics for the Access Control there is a document called La Dichiarazione di Accettazione dei documenti del SGSI. The translation in English should be something like Declaration of the ISMS documentation Acceptance. What is this document actually about? Is there a form of this document that we could use?

Thank you in advance for your help.


Expert
Rhand Leal Aug 30, 2021

1 - Regarding the users (destinatari in Italian), in your documents the term used is employees of the company. Since other subjects could be involved in the politics and procedures, we were wondering if we could use the following sentence for all the documents:

Destinatari di questo documento sono tutte le persone che rientrano nel perimetro di applicabilità del SGSI di ***.

Translated into English: The users of this document are the subjects who are included within the perimeter/scope of the company ISMS applicability.

ISO 27001 does not prescribe who the users are in the information security documents, so the suggested change is possible and will not impact the certification process.

For further information, see:

2 - The second question:

Within the Documentation in A.9.1 Politics for the Access Control there is a document called La Dichiarazione di Accettazione dei documenti del SGSI. The translation in English should be something like Declaration of the ISMS documentation Acceptance. What is this document actually about? Is there a form of this document that we could use?

Thank you in advance for your help.

I’m assuming you are referring to the document “Statement of Acceptance of the ISMS Documents”.

The purpose of this document is to provide a single register to oblige employees to observe all the documents prescribed by the organization in its information security management system (i.e., employees do not have to sign acceptance of each document separately).

You can find a template for this document in folder 08 Annex A Security Controls >> A.7 Human Resource Security.
