The items not compliant are not applicable within the organization, so they added them to the Compliance Exceptions page in eramba, using the “Description” field to explain why it is non-applicable. This will give a good overview of all compliant items with their mitigations. Statement of Applicability, The 27001 Manual. I have been examining the ISO 27001 Standard Document itself and feeling rather overwhelmed and that I am bashing my head against a brick wall. Upon the next audit (which is the full ISO27001 certification path) he advised to get in contact with eramba to have this solved. Currently we build the SOA by opening the system report - items. ISO 27001 The Statement of Applicability. Review of the Statement of Applicability (SoA) and Risk Treatment Plan (RTP). For the past 3 audits within our customer's company the Auditor mentioned eramba not being able to provide the SOA WITHOUT manually altering documents. ISO 27001 is one of the globally recognized information security management.