Toolkit questions
Assign topic to the user
1 - First one: why the implementation tool kit did not contain the folder for A5 and folder for A18 in the folder 08 for annex a
Answer: Please note that there is no need for a folder A.5 in the toolkit because the policies needed to fulfill the controls from section A.5 from ISO 27001 Annex A are included in all other folders that make part of the folder 08 Annex A.
Regarding documents that cover controls from section A.18, they can be found here:
- documents in the toolkit in folder "02 Procedure for identification of requirements” ("Procedure for Identification of Requirements" and "Appendix – List of Legal, Regulatory, Contractual and Other Requirements")
- control A.18.1.2 is included in the document IT Security Policy (you'll find it in the toolkit in folder 08 Annex A security controls - A.8 Asset management) in the section "3.15. Copyright".
Included in the toolkit you bought, you'll find a document called “List of Documents” that explains which control/clause is covered by which document, and which documents are mandatory.
2 - Second question: while I browse your website, I found the document named checklist of ISO 27001 mandatory documentation I confused AND I have a question regarding this document regarding the documentation I SHOULD deliver to the certification auditor My question is do I have to submit this document to the certification auditor ?
Answer: I’m assuming you are referring to the whitepaper Checklist of mandatory documentation required by ISO 27001:2013.
Considering that, there is no need to submit this Checklist of ISO 27001 mandatory documentation documents, the documents included in the toolkit are all you need to present during a certification audit.
For further information, see:
- Checklist of Mandatory Documentation Required by ISO 27001 https://info.advisera.com/27001academy/free-download/checklist-of-mandatory-documentation-required-by-iso-27001
3 - Third question: what is the difference between this document and the implementation toolkit, Which contain folders from 00 to 12
Answer: The whitepaper only provides a brief explanation about the documents included in the toolkit, while the toolkit provides templates for real policies and procedures.
Comment as guest or Sign in
May 21, 2022