What documentation do you need for ISO 27001?
If you want an external auditor to certify your information security management system, you need to store documentation of for all elements in your policy. To make audits to go swiftly and smoothly, you should store all documented information in one easy-to-access place. In this post we provide an overview of what information needs to be stored and…Sieuwert van Otterloo
Information security – asset inventory
One of the controls of ISO 27002 is to keep inventory of information assets (A.8.1.1). We recommend creating an asset inventory as one of the first steps when setting up an information security management system. Having an asset inventory is very useful when you are performing a risks workshop: it helps you to identify risks with…Sieuwert van Otterloo