Toolkits ISO 27001 & ISO 22301

1) Where is the documentation concerning A.18 (Compliance)?

Answer: First of all, sorry for this confusion.

Documents that cover controls from section A.18 can be found here:
- documents in the toolkit in folder "02 Procedure for identification of requirements” ("Procedure for Identification of Requirements" and "Appendix – List of Legal, Regulatory, Contractual and Other Requirements")
- control A.18.1.2 is included in the document IT Security Policy (you'll find it in the toolkit in folder 08 Annex A security controls - A.8 Asset management) in the section "3.15. Copyright".

In the root folder of the Documentation Toolkit, you'll find a document called “List of Documents” that explains which control/clause is covered by which document, and which documents are mandatory.

2) What about the Annexes A.1 until A.5?

Answer: The documents from section A.5 are not missing from the toolkit – you can find them here:
- A.5 – all the documents from folder “08 Annex A” cover the requirements for information security policies (A.5.1.1 and A.5.1.2)

It is important to note that every control does not need to be documented and to avoid unnecessary administrative work the toolkit includes only all the mandatory + all most common documents.

ISO 27001 does not contain annexes A.1 to A.4. 

3 - In addition I would like to ask if you deliver training materials about the ordered documentation? I already entered ISO 22301 & ISO 27001.

Answer: Please note that included in your toolkit you have access to video tutorials that can guide you on how filling in the most critical documents of the toolkit (e.g., ISMS scope, Information Security Policy, Risk Assessment Table, Risk Treatment table, etc.). In the email you received when you bought the toolkit you will find information on how to access the video tutorials. 

Included in each template there are also comments to guide you on how to fill in the documents.