Expert Advice Community

Guest

Wiki as document repository

  Quote
Guest
Guest user Created:   Jun 17, 2019 Last commented:   Jun 17, 2019

Wiki as document repository

An easy one. What should we do in case we have an internal wiki (such as Confluence), where we update procedures “on the go” (i.e. backup procedure), and the mandatory 27001 docs? Should I copy/ paste the procedure from the wiki into , in this case, the Operating procedures for ICT, or it would be enough with a link?
0 0

Assign topic to the user

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

Expert
Rhand Leal Jun 17, 2019

Given that the wiki is only accessible to the company staff, maybe a copy paste and an indication to revise the procedure in the wiki, which is the one that will be updated, would suffice?

Answer: ISO 27001 does not prescribe how to handle documented information, only that they must be handled properly, so you can use your wiki as long as you can fulfill the requirements for documented information management from clauses 7.5.2 and 7.5.3 (e.g., approval flow, records, preservation, etc.)

This material will also help you regarding documented information:
- Managing ISO Documentation: A Plain English Guide https://advisera.com/books/managing-iso-documentation-plain-english-guide/
- Document management in ISO 27001 & BS 25999-2 https://advisera.com/27001academy/blog/2010/03/30/document-management-within-iso-27001-bs-25999-2/

By the way, by your answer it seems that you have redundancy - i.e., the same documents in wiki + in another format you use to upload information to wiki. If this is the case, be sure to avoid this redundancy, because it will only increase you administrative work. Keep only one format as your official repository for documented information.

Quote
0 0

Comment as guest or Sign in

HTML tags are not allowed

Jun 17, 2019

Jun 17, 2019

Suggested Topics

Guest user Created:   Jun 10, 2024 ISO 27001 & 22301
Replies: 1
0 0

Non-mandatory documents

Brad Created:   Apr 22, 2024 ISO 27001 & 22301
Replies: 1
0 0

Custom Edit Documents