Get 4 FREE months of Conformio to implement ISO 27001

Expert Advice Community

Guest

Register of external correspondence

  Quote
Guest
Guest user Created:   Mar 20, 2023 Last commented:   Mar 20, 2023

Register of external correspondence

I'm finalizing the procedure for document control and a little bit confused about the section regard external correspondence. It suggests we need a register to document external correspondence, but what does this entail? We currently don't have a process for this.

Is the expectation that any document we receive externally (via email or physically) needs to be documented? If not, what examples of documents would we need to take note of?

0 0

Assign topic to the user

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

Expert
Rhand Leal Mar 20, 2023

Please note that the section regarding external correspondence refers to electronic and physical documents you need for your ISMS that come from external parts like customers, suppliers, regulatory agencies, etc. If an external document is irrelevant to the ISMS, you do not need to control it as an external correspondence.  

For example, specifications sent from a customer contracts from a supplier and a law from a government agency. The ISO 27001 standard is an example of an external document required by the ISMS.

For further information, see:

Quote
0 0

Comment as guest or Sign in

HTML tags are not allowed

Mar 20, 2023

Mar 20, 2023

Suggested Topics