Guest user Created: Oct 31, 2017 Last commented: Oct 31, 2017

Segregation of duties

hello, we have your templates we bought last year. We just went through stage 1 and they highlighted that we are missing a6.1.2 segregation of duties. I wondered which template/document that was addressed in, perhaps I removed it or simply didn't fill in that section

0 0

Assign topic to the user

Select user

Expert

Rhand Leal Oct 31, 2017

Answer: There is no specific template for segregation of duties because responsibilities are defined in each template according the required tasks to be performed (for example, in the Back up policy template, you can define different job titles to create and test backup copies). If for a required activity your organization identifies there is need to segregate it, you can adjust the template to that specific situation.

Additionally, in the Information Security Policy template you can define segregated activities related to information security (please see the section 4.5 of the document). This template can be found on folder 04 Information Security Policy.

This article will provide you further explanation about segregation of duties:
- Segregation of duties in your ISMS accord ing to ISO 27001 A.6.1.2 https://advisera.com/27001academy/blog/2016/11/21/segregation-of-duties-in-your-isms-according-to-iso-27001-a-6-1-2/

This material will also help you regarding segregation of duties:
- Free online training ISO 27001 Foundations Course https://advisera.com/training/iso-27001-foundations-course/

Quote

0 0

Comment as guest or Sign in

HTML tags are not allowed

Name *

Email *

I accept the Privacy and Terms

Notify me when someone replies

Oct 31, 2017

Expert Advice Community