Additionally, for evidence of competence the standard also accepts evidences of experience and education, and where you can provide those evidences the CBT and face to face training may be optional. EU GDPR & ISO 27001 Integrated Documentation Toolkit EU GDPR & ISO 27001 Integrated Documentation Toolkit Fully optimized for small and medium-sized companies Comply with EU GDPR and ISO 27001 simultaneously, do it yourself, and do it easily and efficiently with our Documentation Toolkit. Document code Document name Relevant articles in GDPR / clauses in ISO 27001 Mandatory according to GDPR Mandatory according to ISO 27001 30 09 Statement of Applicability ISO/IEC 27001 6.1. Regarding competence evidences, besides a CBT general security course an face to face training for awareness of all people included in the scope, maybe you also should consider specific courses for technical and management personnel, like IT team and top management, since they required more specific knowledge to fulfil their informat ion security related tasks. List of documents for EU GDPR & ISO 27001 Integrated Documentation Toolkit ver 1.0 from of 7 No. We are intending on delivering face to face awareness training on the specific policies being deployed, this will be both general awareness and targeted to those groups of people that specific policies relate to, would a general CBT be enough to back this up?Īnswer: You have to assess the competency only of those included in the scope of your ISMS.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |