
Expert Advice Community


Two big doubts

Guest user Created:   Jan 12, 2016 Last commented:   Jan 12, 2016

AntonioS Jan 12, 2016

Question 1: According to standard 31000, external issues can be: Setting cultural, social, political, legal, financial, technological, etc. But what information about those items do I need to be in compliance with section 4.1 of ISO 27001?

Question 2: In which document should I put this information?
 

Answer:

Point 1: The same is also applicable to ISO 27001. Anyway, this article can help you: “Explanation of ISO 27001:2013 clause 4.1 (Understanding the organization)”: https://advisera.com/27001academy/knowledgebase/how-to-define-context-of-the-organization-according-to-iso-27001/

Point 2: At the end of the article from point 1, you have a link to the document “Procedure for identification of requirements”: https://advisera.com/27001academy/documentation/procedure-for-identification-of-requirements/. You can see a free version of this template by clicking on the “Free Demo” tab, and you can use it for clause 4.1 of the standard.

Guest post Jan 12, 2016

This question arose after I read this article: can you give an example of an external context linked to interested parties?

AntonioS Jan 12, 2016

Sure, I will give you an easy example. External context: Information systems of the organization outsourced to an external data center. Interested party: The external company that manages the data center.
