CHAPTER 6: POLICIES

ISO 27001 requires an organisation to have an information security policy. If interviewed, you are likely to be asked whether you are aware of the existence of the policy and how you help fulfil the aims set out in it. Make sure you know where you can access your organisation’s information security policy and read it now. Think about how you contribute towards achieving the aims stated in the policy.

Another process with which you need to be familiar is the one for reporting security incidents: for example, what you do if you think your PC has a virus, or if you witness something that you think is a security weakness.
