Expert Advice Community

Guest

Record management

  Quote
Guest
Guest user Created:   Aug 21, 2019 Last commented:   Aug 21, 2019

Record management

In addition to our conversation, I would like to clarify where in the Toolkit (or something else) there are templates of the documents which describe the procedures for recording and storing information about information security incidents, as well as managing them.
0 0

Assign topic to the user

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

Expert
Rhand Leal Aug 21, 2019

Answer:

In the toolkit there is a template for Incident log, located in folder 08 Annex A -Security Controls, subfolder A.16 Information Security Incident Management, defining which information must be recorded about information security incidents.

Regarding storage and management of such record, in the Incident Management Policy, located on the same folder, there is a section called "Managing records kept on the basis of this document", which defines the required information to record, store and manage about information related to information security incidents.

Please note that there are no other templates for records, and if you need a different record you will need to develop it based on guidelines from our procedure.

This article will provide you further explanation about record management:
- Records management in ISO 27001 and ISO 22301 https://advisera.com/27001academy/blog/2014/11/24/records-management-in-iso-27001-and-iso-22301/
Quote
0 0

Comment as guest or Sign in

HTML tags are not allowed

Aug 21, 2019

Aug 21, 2019

Suggested Topics

Guest user Created:   Mar 11, 2021 ISO 27001 & 22301
Replies: 1
0 0

Records or Documents

Nika Created:   Feb 11, 2021 ISO 27001 & 22301
Replies: 1
0 0

Risk Assessment - change