Expert Advice Community

Guest

Submitting records for approval

  Quote
Guest
Guest user Created:   Jan 29, 2021 Last commented:   Jan 29, 2021

Submitting records for approval

Just getting started writing policy for ISO 27001. I have completed the Context, Requirements and Scope document. Is it better to move on and create/finish more documents and approve/distribute all at once with management or start document approvals now risking updates/adjustments as more progress is made?

0 0

Assign topic to the user

Assign

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

Expert
Rhand Leal Jan 29, 2021

First is important to note that, for the documents you mentioned, only the ISMS scope and list of requirements documents are mandatory for ISO 27001.

Considering that, there are some core documents that must be developed and approved before start writing other documents. For example, the ISMS scope must be approved before other documents are written. Another example is that risks must be identified, and treatment for the relevant ones defined, and the Statement of Applicability (SoA) must be approved, before documents related to security controls are written.

This article will provide you a further explanation about ISO 27001 mandatory documents:
- List of mandatory documents required by ISO 27001 (2013 revision) https://advisera.com/27001academy/01academy/emy/ademy/my/knowledgebase/list-of-mandatory-documents-required-by-iso-27001-2013-revision/

This material will provide you further explanation the order to develop and approve documents:
- Project checklist for ISO 27001 implementation (MS Word) https://info.advisera.com/27001academy/free-download/project-checklist-for-iso-27001-implementation

These materials will also help you regarding Iso 27001 implementation:
- Book Secure & Simple: A Small-Business Guide to Implementing ISO 27001 On Your Own https://advisera.com/books/secure-and-simple-a-small-business-guide-to-implementing-iso-27001-on-your-own/
- Free online training ISO 27001 Foundations Course https://training.advisera.com/se/iso-14001-internal-auditor-course/o-27001-foundations-course/

Quote
0 0

Comment as guest or Sign in

HTML tags are not allowed

Jan 29, 2021

Jan 29, 2021