Guest user Created: Apr 18, 2018 Last commented: Apr 18, 2018

Template content

ISO 27001 & 22301

I have the templates already but I need to know if possible which document contains a18.2.3 technical compliance

0 0

Assign topic to the user

Select user

Expert

Rhand Leal Apr 18, 2018

so I can update that document accordingly as we got a NC for this during an audit?

Answer: Control A.18.2.3 (Technical compliance review) requires regular review of organization's compliance with information security policies and standards, so this control can be covered by the Internal Audit procedure template. You should also consider review the documents from the toolkit that you implemented that regulate technology issues (e.g., Policy on the Use of Cryptographic Controls), because responsibilities defined on them may cover some degree of compliance review.

It is important to note that there is no need to create a new document to cover this control, rather it is much better if you cover this control with existing documents from the toolkit.

Quote

0 0

Comment as guest or Sign in

HTML tags are not allowed

Name *

Email *

I accept the Privacy and Terms

Notify me when someone replies

Apr 18, 2018

Expert Advice Community