LIVE VIRTUAL TRAININGS
Learn in small groups from top experts and real-life examples

Expert Advice Community

Guest

The Statement of Acceptance of ISMS System Documents

  Quote
Guest
Guest user Created:   Mar 07, 2019 Last commented:   Mar 07, 2019

The Statement of Acceptance of ISMS System Documents

The Statement of Acceptance of ISMS System Documents. Can you please supply a consolidated list of policies the auditor requires each employee to sign for?
0 0

Assign topic to the user

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

Expert
Rhand Leal Mar 07, 2019

Answer:

First is important to understand that this Statement:
- is necessary only if they have found risks or some other reason to use it
- is not necessary if you have some other way to prove that the documents were read by employees (e.g., through a document management system)

Considering that, the auditor's role is to verify if documents comply with the standard's requirements and if people's activities and process comply with what was documented, so the auditor will not require employees to sign this or that policy, but will check if they understand the policies, procedures and documents that are listed in the Statement of Acceptance of ISMS System Documents.

As for which documents to include in the statement, you have to include all documents from the toolkit you implemented.

This article may provide you further information:
- Which questions will the ISO 27001 certificatio n auditor ask? https://advisera.com/27001academy/blog/2015/07/20/which-questions-will-the-iso-27001-certification-auditor-ask/
Quote
0 0

Comment as guest or Sign in

HTML tags are not allowed

Mar 07, 2019

Mar 07, 2019

Suggested Topics