Archive

Archive for the ‘ISO 27001’ Category

5.1.2 Review of Information security policy

July 9th, 2009 Comments off

This control is related to Management.

Nothing is constant in this world. The environment, vulnerabilities and business models are continuously changing. So, it becomes important to continually review the information security policy.

Read more…

Categories: ISO 27001 Tags:

5.1.1 Information Security Policy Document

July 2nd, 2009 Comments off

This control is related to Management and Operations.

The management should provide support and a clear policy direction across the organization in the form of a written business document for information security. Management must communicate information security policy to all employees and relevant parties including consultants, contractors, vendors, business partners etc.

Read more…

Categories: ISO 27001 Tags: