ISO 27001 Management clause 7-Support

- This will include following ResourcesCompetenceAwarenessCommunicationDocumented Information

Topics covered

Application development company India http://www.ifourtechnolab.com

Resources:

o Organization should determine resources which are needed in the establsishment,implementation,maintenance of the information security management system

Clause 7.1

Application development company India http://www.ifourtechnolab.com

Competence:

o Necessary competence of person(s) that affects it performanceo Competent on the basis on education, training and experienceo Retain appropriate documented information as evidence of competence

Clause 7.2

Application development company India http://www.ifourtechnolab.com

Awareness:

Person should be aware of:o The information security policyo Contribution of ISMS and benefits of improved information security performance.o Implications of not conforming ISMS requirements.

Clause 7.3

Application development company India http://www.ifourtechnolab.com

Communication:

Determine need for internal and external communication relevant to the ISMSo On what to communicateo When to communicateo With whom to communicationo Who shall communicateo The process by which communication shall be effected

Clause 7.4

Application development company India http://www.ifourtechnolab.com

Documented information:

- Organization should includeo General documentation required for this international standardso Documented information determined by the organization as being necessary for

the effectiveness of the ISMS.

Clause 7.5

Application development company India http://www.ifourtechnolab.com

Note: it may differ from organization to organization due to:o Size of the organizationo Complexity of processeso The competence of persons

Clause 7.5(Continue..)

Application development company India http://www.ifourtechnolab.com

While creating and updating documents organization should ensure thato Identification and descriptiono Formato Review and approval for suitability and adequacy

Clause 7.5(Continue..)

Application development company India http://www.ifourtechnolab.com

Control of documented information:o It is suitable for use, where and when it is neededo it is adequately protectedo Distribution,access,retrieval and useo Storage o Control of changeso Retention and disposition

Clause 7.5(Continue..)

Application development company India http://www.ifourtechnolab.com

• http://www.iso27001security.com/html/27001.html• http://www.bsigroup.com/en-IN/ISOIEC-27001-Information-Security/Implementing

-ISO-27001/

http://ieeexplore.ieee.org/xpl/login.jsp?tp=&arnumber=6329189&url=http%3A%2F%2Fieeexplore.ieee.org%2Fxpls%2Fabs_all.jsp%3Farnumber%3D6329189

References

Application development company India http://www.ifourtechnolab.com

http://www.ifour-consultancy.comhttp://www.ifourtechnolab.com

For more details..

Application development company India http://www.ifourtechnolab.com

Thanks

Application development company India http://www.ifourtechnolab.com