What documentation do you need for ISO 27001?
If you want an external auditor to certify your information security management system, you need to store documentation of for all elements in your policy. To make audits to go swiftly and smoothly, you should store all documented information in one easy-to-access place. In this post we provide an overview of what information needs to be stored and…Sieuwert van Otterloo
Information security – asset inventory
One of the first steps in setting up an information security management system is to create an inventory of information assets. It is in important step to make sure the right measures will be taken: the assets are the basis for identifying risks, and thus for the measures that will be taken to mitigate risks.Sieuwert van Otterloo