ISO 27001 Management clause 7-Support
- This will include following ResourcesCompetenceAwarenessCommunicationDocumented Information
Topics covered
Application development company India http://www.ifourtechnolab.com
Resources:
o Organization should determine resources which are needed in the establsishment,implementation,maintenance of the information security management system
Clause 7.1
Application development company India http://www.ifourtechnolab.com
Competence:
o Necessary competence of person(s) that affects it performanceo Competent on the basis on education, training and experienceo Retain appropriate documented information as evidence of competence
Clause 7.2
Application development company India http://www.ifourtechnolab.com
Awareness:
Person should be aware of:o The information security policyo Contribution of ISMS and benefits of improved information security performance.o Implications of not conforming ISMS requirements.
Clause 7.3
Application development company India http://www.ifourtechnolab.com
Communication:
Determine need for internal and external communication relevant to the ISMSo On what to communicateo When to communicateo With whom to communicationo Who shall communicateo The process by which communication shall be effected
Clause 7.4
Application development company India http://www.ifourtechnolab.com
Documented information:
- Organization should includeo General documentation required for this international standardso Documented information determined by the organization as being necessary for
the effectiveness of the ISMS.
Clause 7.5
Application development company India http://www.ifourtechnolab.com
Note: it may differ from organization to organization due to:o Size of the organizationo Complexity of processeso The competence of persons
Clause 7.5(Continue..)
Application development company India http://www.ifourtechnolab.com
While creating and updating documents organization should ensure thato Identification and descriptiono Formato Review and approval for suitability and adequacy
Clause 7.5(Continue..)
Application development company India http://www.ifourtechnolab.com
Control of documented information:o It is suitable for use, where and when it is neededo it is adequately protectedo Distribution,access,retrieval and useo Storage o Control of changeso Retention and disposition
Clause 7.5(Continue..)
Application development company India http://www.ifourtechnolab.com
• http://www.iso27001security.com/html/27001.html• http://www.bsigroup.com/en-IN/ISOIEC-27001-Information-Security/Implementing
-ISO-27001/
http://ieeexplore.ieee.org/xpl/login.jsp?tp=&arnumber=6329189&url=http%3A%2F%2Fieeexplore.ieee.org%2Fxpls%2Fabs_all.jsp%3Farnumber%3D6329189
References
Application development company India http://www.ifourtechnolab.com
http://www.ifour-consultancy.comhttp://www.ifourtechnolab.com
For more details..
Application development company India http://www.ifourtechnolab.com
Thanks
Application development company India http://www.ifourtechnolab.com
Top Related