Expert Advice Community

Guest

Template content

  Quote
Guest
Guest user Created:   Jul 18, 2019 Last commented:   Jul 18, 2019

Template content

1. Item A 18.2.2 and A 18.2.3. What would be the policy that I can use to cover these 2 points? I could not find any documentation in toolkit.
0 0

Assign topic to the user

ISO 27001 & ISO 22301 PREMIUM DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

ISO 27001 & ISO 22301 PREMIUM DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

Expert
Rhand Leal Jul 18, 2019

Answer:

First it is important to note that ISO 27001 does not require each control in Annex A to be documented. In some cases all you need is to include in the Statement of Applicability (SOA) a brief explanation of how it is implemented.

In case you decide to document recommendations of controls A 18.2.2 and A 18.2.3, they can be included in the internal audit procedure, since these controls and the procedure aim to ensure that information security is implemented and operated in accordance with defined requirements.

You can schedule a meeting with one of our experts so he can help you about the changes that should be made on your documentation. To schedule a meeting, please access this link: https://advisera.com/27001academy/consultation/
Quote
0 0

Comment as guest or Sign in

HTML tags are not allowed

Jul 18, 2019

Jul 18, 2019

Suggested Topics

Guest user Created:   Mar 13, 2020 ISO 27001 & 22301
Replies: 1
0 0

Template content

Guest user Created:   Mar 11, 2020 ISO 27001 & 22301
Replies: 1
0 0

Template content

Guest user Created:   Feb 26, 2020 ISO 27001 & 22301
Replies: 1
0 0

Template content - DRP