Expert Advice Community

Template content

Guest user Created:   Jul 18, 2019 Last commented:   Jul 18, 2019

1. Item A 18.2.2 and A 18.2.3. What would be the policy that I can use to cover these 2 points? I could not find any documentation in the toolkit.
Expert
Rhand Leal Jul 18, 2019

Answer:

First, it is important to note that ISO 27001 does not require each control in Annex A to be documented. In some cases, all you need is to include in the Statement of Applicability (SOA) a brief explanation of how it is implemented.

In case you decide to document recommendations of controls A 18.2.2 and A 18.2.3, they can be included in the internal audit procedure, since these controls and the procedure aim to ensure that information security is implemented and operated in accordance with defined requirements.

You can schedule a meeting with one of our experts so he can help you with the changes that should be made to your documentation. To schedule a meeting, please access this link: https://advisera.com/27001academy/consultation/
