SPRING DISCOUNT
Get 30% off on toolkits, course exams, and books.
Limited-time offer – ends May 26, 2022
Use promo code:
SPRING30

Expert Advice Community

Guest

Undocumented Controls

  Quote
Guest
Guest user Created:   Feb 22, 2022 Last commented:   Feb 22, 2022

Undocumented Controls

As part of *** ISO 27001 implementation, I thoroughly reviewed the ‘List_of_documents_ISO_27001_Documentation_Toolkit_EN’ file attached that was included within the toolkit and mapped out which Annex A controls were covered by the template documents in the toolkit. I’ve recorded this in the ‘Toolkit Annex A Controls’ file attached for reference. It would have been useful if I didn’t have to manually gather this information myself but that is not the point of this email. My biggest concern is that there appear to be 34 Annex A controls that are not covered by the toolkit, despite the toolkit being advertised as ‘All required ISO 27001 documents’ as shown below. Can you please advise on this matter as soon as you’re able so that I can proceed accordingly? With 34 Annex A controls not being covered, that seems like a lot, and I worry that when our business is audited for ISO 27001, we will fail due to so many missing controls. Any guidance or clarity you could provide on this will help my peace of mind greatly. I’m on a tight deadline to have 27001 and 9001 implemented and certified by the end of June this year, hence me purchasing the toolkits for both to cut down the number of hours required.
0 0

Assign topic to the user

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

Expert
Rhand Leal Feb 22, 2022

Please note that by “All required ISO 27001 documents” we mean that our ISO 27001 Documentation Toolkit covers all mandatory documents and some documents that are not mandatory. The controls you listed do not need to be documented according to the standard, and in our opinion, it would be an overhead to document each and every one of them in a small company. 

Our toolkit is created specifically for smaller companies that want to implement ISO 27001 in a quick way, without unnecessary paperwork; for larger companies that require more documents, we recommend getting some other solution.

This article will also help you: 

Quote
0 1

Comment as guest or Sign in

HTML tags are not allowed

Feb 22, 2022

Feb 22, 2022

Suggested Topics