8/11/2023

ISO 27002 audit checklist xls

There are numerous non-mandatory ISO 27001 documents that can be used for the implementation, especially for the security controls from Annex A, but not all of them are equally useful.

Logs of user activities, exceptions, and security events

Trainings, skills, experience, and qualifications

Here are the mandatory records: What must be recorded

*Note: ISO 27001 documents or records required by Annex A controls are mandatory only if there are risks or requirements from interested parties that would demand implementing those controls.

Security operating procedures for IT management

Definition of security roles and responsibilities

Agreements, NDAs, and specifying responsibilities in each security policy and procedure

List of Legal, Regulatory, and Contractual Requirements

Statutory, regulatory, and contractual requirements

Inventory of Assets, or List of Assets in the Risk Register

Risk Assessment and Treatment Methodology

Risk assessment and risk treatment process

Here are the items you must document if you want to be compliant with ISO 27001, and the most common ways to title those documents: What must be documented