Roles and responsibilities
Assign topic to the user
Answer:
The definition of general roles and responsibilities for information security is made on the Information Security Policy template, which you can find at folder 04 Information Security Policy of your ISO 27001 Documentation Toolkit.
Regarding specific roles and responsibilities for information security, they are defined through all documents in the toolkit. If you note, every time an activity is defined, it is also required the definition of a “Job Title” or person to perform that activity.
These articles will provide you further explanation about documenting roles and responsibilities:
- How to document roles and responsibilities according to ISO 27001 https://advisera.com/27001academy/blog/2016/06/20/how-to-document-roles-and-responsibilities-according-to-iso-27001/ es-according-to-iso-27001/
- Roles and responsibilities of top management in ISO 27001 and ISO 22301 https://advisera.com/27001academy/blog/2014/06/09/roles-and-responsibilities-of-top-management-in-iso-27001-and-iso-22301/
- What to consider in security terms and conditions for employees according to ISO 27001 https://advisera.com/27001academy/blog/2018/05/23/what-to-consider-in-security-terms-and-conditions-for-employees-according-to-iso-27001/
Comment as guest or Sign in
Mar 05, 2019