To be compliant, what is the minimum to be done?
Answer:
Basically, there is no difference between "being compliant with the standard" and "being ready for the certification" - so the point is you have to implement:
1) all the mandatory documents
2) all the non-mandatory documents you consider necessary for your company
3) make sure all of your employees comply with all this documentation
In our ISO 27001 Documentation Toolkit you'll find a document called "List of documents" which specifies all the documents that are mandatory, and all the documents that are optional. When you follow the steps in the toolkit, you will be able to conclude which non-mandatory documents will be necessary for you.
It is also recommended to go through this free online course because it will explain to you how the whole standard works: ISO 27001 Foundations Course https://advisera.com/training/iso-27001-foundations-course/
Jun 30, 2016