Expert Advice Community

Guest

Record Control Table and Approved Supplier List

  Quote
Guest
Guest user Created:   Oct 13, 2022 Last commented:   Oct 13, 2022

Record Control Table and Approved Supplier List

Do we have to keep a record control table and approved supplier lists? Please advise.

Assign topic to the user

ISO 27001 RISK ASSESSMENT TABLE

Implement risk register using catalogues of vulnerabilities and threats.

ISO 27001 RISK ASSESSMENT TABLE

Implement risk register using catalogues of vulnerabilities and threats.

Expert
Rhand Leal Oct 13, 2022

You do not need to have a record control table as a separate document, but you do need to have a record control table within each policy or procedure where you require certain records to be created - this record control table is already included in all the document templates in Conformio.

For further information, see:

Regarding approved supplier lists, ISO 27001 does not require this record to be kept, so it would be a management decision to keep such a record in case it considers relevant to their processes.

Quote
0 0

Comment as guest or Sign in

HTML tags are not allowed

Oct 13, 2022

Oct 13, 2022