Expert Advice Community

Guest

Specific Documents

  Quote
Guest
Guest user Created:   Oct 12, 2022 Last commented:   Oct 12, 2022

Specific Documents

Hi team, I am sending this message to ask you which documents will be for clauses 4.1, 5.1, 6.1.1, 6.1.2, and 9.1.? I have done all the documents provided by Conformio but I can't find the documents above. Please support me on this issue.

Assign topic to the user

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

Expert
Rhand Leal Oct 12, 2022

Please note that the abovementioned clauses are covered by the following:

  • clause 4.1 - Understanding the organization and its context can be evidenced by means of documents “List of Legal, Regulatory and Contractual Requirements”, generated by the 'Register of legal, contractual and other requirements' module, and "Risk Assessment and Risk Treatment Report", generated by the 'Risk register' module.
  • clause 5.1 Leadership and commitment can be evidenced by means of documents “Information Security Policy”, “List of Security Objectives”, “Risk Assessment and Risk Treatment Report”, “Risk Treatment Plan”, and “Management review report”.
  • clause 6.1.1 General, which refers to risks related to the Information Security Management System itself, can be evidenced by means of the “Risk Treatment Plan”.
  • clause6.1.2 Information security risk assessment can be evidenced by means of the “Risk Assessment and Risk Treatment Methodology”.
  • clause 9.1 Monitoring, measurement, analysis, and evaluation can be evidenced by means of the records defined on each policy and procedure you have implemented.
Quote
0 1

Comment as guest or Sign in

HTML tags are not allowed

Oct 12, 2022

Oct 12, 2022

Suggested Topics