Expert Advice Community

Guest

SoA - A.6.1.3 - Incident Response Plan

  Quote
Guest
Guest user Created:   Aug 23, 2018 Last commented:   Aug 23, 2018

SoA - A.6.1.3 - Incident Response Plan

Does the documentation toolkit (with 43 documents) include a template for an incident response plan? I couldn’t find it. Do we definitely need a document like that to get certified? The package we bought said it includes all of the necessary documents. If we don’t use this document which documents shall we use to fulfill control A.6.1.3?
0 0

Assign topic to the user

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

Expert
Dejan Kosutic Aug 23, 2018

Answer:

Incident response plan is a document needed only if you want to become compliant with ISO 22301, it is not needed for ISO 27001. Therefore, it is not part of ISO 27001 Toolkit (it is a part of ISO 27001 & ISO 22301 Premium Toolkit).

To become compliant with ISO 27001 control A.6.1.3 (Contact with authorities) it is enough to specify in your Statement of Applicability who in your company will be in contact with e.g. police, regulatory agencies, etc. - the standard does not require you to have an extra document for that purpose.

Quote
0 0

Comment as guest or Sign in

HTML tags are not allowed

Aug 23, 2018

Aug 23, 2018

Suggested Topics