Wiki as document repository
Assign topic to the user
Given that the wiki is only accessible to the company staff, maybe a copy paste and an indication to revise the procedure in the wiki, which is the one that will be updated, would suffice?
Answer: ISO 27001 does not prescribe how to handle documented information, only that they must be handled properly, so you can use your wiki as long as you can fulfill the requirements for documented information management from clauses 7.5.2 and 7.5.3 (e.g., approval flow, records, preservation, etc.)
This material will also help you regarding documented information:
- Managing ISO Documentation: A Plain English Guide https://advisera.com/books/managing-iso-documentation-plain-english-guide/
- Document management in ISO 27001 & BS 25999-2 https://advisera.com/27001academy/blog/2010/03/30/document-management-within-iso-27001-bs-25999-2/
By the way, by your answer it seems that you have redundancy - i.e., the same documents in wiki + in another format you use to upload information to wiki. If this is the case, be sure to avoid this redundancy, because it will only increase you administrative work. Keep only one format as your official repository for documented information.
Comment as guest or Sign in
Jun 17, 2019