Expert Advice Community

Guest

Toolkit content

  Quote
Guest
Guest user Created:   Jul 03, 2017 Last commented:   Jul 03, 2017

Toolkit content

Reviewing the toolkit, in the folder: "08_Anexo_A" I do not see the following controls:
0 0

Assign topic to the user

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

Expert
Rhand Leal Jul 03, 2017
- A.5 Information security policies
- A.18 Compliance

I do not see an assessment tool for ISO27K. Is there any reason for this omission? Are not included as part of the toolkit?

Answer:

1) The controls from section A.5 Information security policies are covered in many policies provided in the toolkit (e.g., Information security policy, Access control policy, Acceptable use policy, Backup policy, etc.).
2) The controls from section A.18 Compliance are covered in the following documents: Procedure for Identification of Requirements, and List of Legal, Regulatory, Contractual and Other Requirements - you'll find them in folder 02 "Procedure for identification of requirements"
3) ISO 27001 does not require the usage of a tool for doing the risk assessment, so we are offering the Excel sheets for performing this task - in our experience, this is much easier for smaller companies for which our toolkit is designed. You'll find those sheets in the folder 0 5 "Risk assessment and risk treatment methodology"

By the way, you can find the information about which controls and requirements are covered by each document in the file List of documents that you'll find in the root folder of the toolkit.
Quote
0 0

Comment as guest or Sign in

HTML tags are not allowed

Jul 03, 2017

Jul 03, 2017

Suggested Topics

Guest user Created:   Sep 11, 2021 ISO 27001 & 22301
Replies: 1
0 0

Toolkit content

Guest user Created:   May 28, 2021 ISO 27001 & 22301
Replies: 1
0 0

Toolkit content

Guest user Created:   Mar 11, 2021 ISO 27001 & 22301
Replies: 1
0 0

Toolkit content