Responsibilities assignment

Guest user Created:   Jan 30, 2018 Last commented:   Jan 30, 2018

We bought the ISO 27001 documents and I have some questions about the INFORMATION SECURITY POLICY document. I did not find a description of the job titles below in the video tutorials (Helpful Materials):

Expert
Rhand Leal Jan 30, 2018

Who can take this task?

4.1. Objectives and measurement:
· [Job title] will measure the fulfillment of all the objectives.
· [Job title] is responsible for setting the method for measuring the achievement of the objectives.

4.5. Responsibilities
· [job title] will define which information related to information security will be communicated to which interested party (both internal and external), by whom and when.
· [job title] is responsible for adopting and implementing the Training and Awareness Plan, which applies to all persons who have a role in information security management

Answer: Regarding the responsibilities you mentioned related to section 4.1, and the first one in section 4.5, they are generally assigned to a role created specifically for that purpose (e.g., the CISO), but you can also assign them to an existing role in the organizational chart, provided that this person has the necessary skills to carry out the activities (a good choice would be the Management Representative or Quality Manager if you have this role).

For the second responsibility you mentioned in section 4.5, this one can be assigned either to the HR Manager or to the roles mentioned above.

These articles will provide you further explanation about CISO:
- What is the job of Chief Information Security Officer (CISO) in ISO 27001? https://advisera.com/27001academy/knowledgebase/what-is-the-job-of-chief-information-security-officer-ciso-in-iso-27001/
- Chief Information Security Officer (CISO) – where does he belong in an org chart? https://advisera.com/27001academy/blog/2012/09/11/chief-information-security-officer-ciso-where-does-he-belong-in-an-org-chart/
