The forms of the Winple document kit relating to the information security management system ensure the recording of the documented information required by the ISO/IEC 27001:2017 standard.
The activities envisaged by the management procedures are thus recorded in such a way as to:
- Provide objective evidence of the actual completion of a planned activity
- Provide proof of compliance with the provisions of the procedures and other “prescriptive” documents
The product forms have been carefully treated from an aesthetic point of view so that the layout is easily understandable and usable by the people employed by the organization or its interested parties.
The forms were prepared by the Winple editorial staff with the possibility of easily inserting text and sending them to the printing process. The contents have already been structured so that users of the document kit can simply model them to the actual functioning of the organization that implements the management system.
The forms concern all the processes managed by the operating and support procedures and:
- Information security assets
- The evaluation and control of network and communications security
- Software security evaluation and control
- The evaluation and control of the security of processing devices
- The assessment and control of the security of the offices and archives
- Evaluation and control of safety systems and devices
- The management and maintenance of security assets
- The disciplinary process for those who violate the prescriptions of the system
The Information Security Plan which documents how the organization implements all the controls required by Annex A of 27001 is included and already drawn up in the forms of the ISO 27001 Procedures document kit.