left-svg
Bonus expert support worth $500
with the ISO 27001 Documentation Toolkit
Limited-time offer – ends June 30, 2022.
right-svg

Expert Advice Community

Guest

Toolkit questions

  Quote
Guest
Guest user Created:   May 21, 2022 Last commented:   May 21, 2022

Toolkit questions

I have many questions First one: why the implementation tool kit did not contain the folder for A5 and folder for A18 in the folder 08 for annex a Second question:  while I browse your website I found the document named checklist of ISO 27001 mandatory documentation I confused AND I have a question regarding this document regarding the documentation I SHOULD deliver to the certification auditor My question is do I have to submit   this document to the certification auditor ? Third question: what is the difference between this document and the  implementation tool kit Which contain folders from 00 to 12

Assign topic to the user

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

Expert
Rhand Leal May 21, 2022

1 - First one: why the implementation tool kit did not contain the folder for A5 and folder for A18 in the folder 08 for annex a

Answer: Please note that there is no need for a folder A.5 in the toolkit because the policies needed to fulfill the controls from section A.5 from ISO 27001 Annex A are included in all other folders that make part of the folder 08 Annex A.

Regarding documents that cover controls from section A.18, they can be found here:
- documents in the toolkit in folder "02 Procedure for identification of requirements” ("Procedure for Identification of Requirements" and "Appendix – List of Legal, Regulatory, Contractual and Other Requirements")
- control A.18.1.2 is included in the document IT Security Policy (you'll find it in the toolkit in folder 08 Annex A security controls - A.8 Asset management) in the section "3.15. Copyright".

Included in the toolkit you bought, you'll find a document called “List of Documents” that explains which control/clause is covered by which document, and which documents are mandatory.

2 - Second question:  while I browse your website, I found the document named checklist of ISO 27001 mandatory documentation I confused AND I have a question regarding this document regarding the documentation I SHOULD deliver to the certification auditor My question is do I have to submit this document to the certification auditor ?

Answer: I’m assuming you are referring to the whitepaper Checklist of mandatory documentation required by ISO 27001:2013.

Considering that, there is no need to submit this Checklist of ISO 27001 mandatory documentation documents, the documents included in the toolkit are all you need to present during a certification audit.  

For further information, see:
- Checklist of Mandatory Documentation Required by ISO 27001 https://info.advisera.com/27001academy/free-download/checklist-of-mandatory-documentation-required-by-iso-27001 

3 - Third question: what is the difference between this document and the implementation toolkit, Which contain folders from 00 to 12

Answer: The whitepaper only provides a brief explanation about the documents included in the toolkit, while the toolkit provides templates for real policies and procedures.

Quote
0 0

Comment as guest or Sign in

HTML tags are not allowed

May 21, 2022

May 21, 2022