From Help Net Security:
8 criteria to decide which ISO 27001 policies and procedures to write
In my personal opinion you can never have too much documentation. All business processes, policies, work instructions ... The key is making them easily accessible and understandable.
No comments:
Post a Comment