O'Reilly logo

Nine Steps to Success: An ISO 27001 Implementation Overview by Alan Calder

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Chapter 8. Documentation

Your risk assessment determines the controls that have to be deployed in your ISMS, and your Statement of Applicability identifies the controls that you are deploying in the light of your approach to risk management. Every one of those controls, together with your approach to identifying and managing risk, your management structure, your decision-making processes and every other component of your information security management system has to be documented, as a point of reference, as the basis for ensuring that there is consistent application over time, and to enable continuous improvement.

Documentation will be the most time consuming part of the total project and, therefore, how you decide to tackle this aspect will be ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required