Managing ISO27001 Documentation

3rd February 2017 Author: InfoSaaS

For an organisation looking to demonstrate their information security capability, whether to reduce risks, attract customers or avoid financial or legislative penalties, the international standard ISO/IEC27001:2013 is most commonly used as a benchmark for independent, external validation. As you digest the 30+ pages, containing over 150 specific requirements, you'll start to notice the repeated phrase "shall retain documented information" which is setting the expectation that you need to be...