Expert Advice Community

Home / ISO 27001 & 22301 / Statement of applicability A.17.1.3

Guest

Statement of applicability A.17.1.3

ISO 27001 & 22301
  Quote
Guest
Guest user Created:   Sep 10, 2018 Last commented:   Sep 10, 2018

Statement of applicability A.17.1.3

ISO 27001 & 22301
The implementation method of control A.17.1.3 talks about an [exercise and test plan] as well as a [form for review after incidents]. To which document(s) / guidline(s) these two documents are related to?
0 0

Assign topic to the user

ISO 27001 STATEMENT OF APPLICABILITY

List all controls and determine which are applicable and why.

ISO 27001 STATEMENT OF APPLICABILITY

List all controls and determine which are applicable and why.
Expert
Dejan Kosutic Sep 10, 2018

Answer: I assume you are referring to a document Statement of Applicability - this document is written so that it is compliant with both ISO 27001 and ISO 22301. However, if you are using only ISO 27001 Toolkit then documents like "Exercise and test plan", and "Review after incidents" do not exist because they are not required by ISO 27001.

You can use the following text for implementation method of control A.17.1.3: "The Disaster recovery plan is reviewed by [job title] every 3 months, and is audited during internal audit every 12 months."

Quote
0 0

Comment as guest or Sign in

HTML tags are not allowed

Sep 10, 2018

Sep 10, 2018

Suggested Topics
Guest user Created:   Jan 12, 2016 ISO 27001 & 22301
Replies: 1
0 0

Disaster Recovery Plan ISO 27001
Igor Created:   Feb 25, 2025 ISO 27001 & 22301
Replies: 0
0 0

Confidentiality Statement
Atheer AlMartan Created:   Feb 11, 2024 ISO 27001 & 22301
Replies: 1
0 0

Statement of Acceptance of Residual Risks