Resources for ISMS and BCMS implementation
Assign topic to the user
ISO 27001 DOCUMENTATION TOOLKIT
Step-by-step implementation for smaller companies.
Find out more 
ISO 27001 DOCUMENTATION TOOLKIT
Step-by-step implementation for smaller companies.
Find out more
ISO 27001 DOCUMENTATION TOOLKIT
Step-by-step implementation for smaller companies.
Find out more
Answer: First it is important to understand that there are two types of manpower needed: the members of the project team (e.g., project manager, consultant, other team members, etc.), which work directly in the project, and the personnel from the business units and processes included in the ISMS/BCMS scope (e.g., business units managers, key users, and other employees), that mostly provide information and work during controls and practices implementation.
Considering that, the number of required personnel for the project team generally goes from 1 to 5 on small to mid size organizations, while the number of personnel from business units and processes will vary depending on the complexity of the organizational structure (e.g., number of sites and departments). Normally for a smaller to mid-size company a project manager will need to spend ca 20% of his total work time (e.g. one day a week) during the implementation period.
This article will provide you additional support:
- Who should be your project manager for ISO 27001/ISO 22301? https://advisera.com/27001academy/blog/2014/12/01/who-should-be-your-project-manager-for-iso-27001-iso-22301/
Comment as guest or Sign in
Sep 17, 2018