Expert Advice Community

The CISO

Guest user Created:   Jul 21, 2016 Last commented:   Jul 21, 2016

ISO 27001 DEFINITION OF SECURITY ROLES AND RESPONSIBILITIES. CLAUSE A.7.1.2 AND A.13.2.4

Antonio Jose Segovia Jul 21, 2016

Answer:
Regarding the definition of roles and responsibilities, there are some common roles that are established in companies with ISO 27001; the most common is the CISO. This article can be useful for you: “What is the job of Chief Information Security Officer (CISO) in ISO 27001?”: https://advisera.com/27001academy/knowledgebase/what-is-the-job-of-chief-information-security-officer-ciso-in-iso-27001/

Regarding clause A.7.1.2 Terms and conditions of employment, simply each employee must have an agreement with the organization where all conditions are established. This agreement can also include information about the roles and responsibilities related to the ISMS (for example, this can be good for the agreement of the CISO).

Regarding clause A.13.2.4 Confidentiality or non-disclosure agreements, it is only necessary for information transfer (you need to establish an agreement with the other party for the information transfer, including terms related to information security), and it can be applicable to external parties or employees, but it is not directly related to the definition of roles and responsibilities.

Finally, our course can also be interesting for you because we give more information about roles and responsibilities: “ISO 27001:2013 Foundations Course”: https://advisera.com/training/iso-27001-foundations-course/
