Video and template content
Assign topic to the user
In this tutorial - ISO 27001 standard clauses refers to 4.3.2 and 4.3.3 and in the template the reference document is listed as 7.5. Can you please advise why these are different, and which clauses I should reference, so I can make sure this matches up correctly moving forwards? Can you please advise which one should I rely on?
1. Reference documents
· ISO/IEC 27001 standard, clause 7.5
· ISO 22301 standard, clause 7.5
· BS 25999-2 standard,clauses 3.4.2 and 3.4.3
· Information Security Policy
· Business Continuity Policy
· Policy for handling classified information
· [other documents and regulations specifying document control]
Answer:
First of all, sorry for this inconvenience. Every time you find such discrepancies between the tutorials and documentation, please use the information in the templates, because they are the most updated version.
2 - Also there is mention throughout of ISO/IEC 27001. Can you please confirm what the IEC relates to as I ha ve not come across this before.
Do I keep this referenced within our documentation as the Standard name or should I have this removed? As I work through the video / documentations, I am noticing several discrepancies between the video and the template.
Answer:
The International Electrotechnical Commission (IEC) is an international standards and conformity assessment body for all fields of electrotechnology, and has joined with ISO for the development of ISO 27001, since many controls to protect information are related to electrotechnology. The official name of the standard is ISO/IEC 27001, but you can only refer to the standard as ISO 27001 without problems.
Comment as guest or Sign in
Dec 12, 2018