Information Security Policy for ISO 27001 Requirement 5.2

Setting your Information Security Policy

Senior management should take the responsibility of establishing an information security policy that:

  • is aligned with the organisation’s purpose
  • details the organisation’s information security objectives or at least demonstrate the framework that those objectives will be set on
  • has a commitment to satisfy infosec requirements and continually improve the ISMS and its policies

In addition to that, the information security policy itself should be documented and communicated within your organisation, as well as interested parties like your supply chain or potential new customers.

Ready to take action?

Discover how ISMS.online can help you achieve or improve on your ISMS objectives

 

Need ISO 27001 policies and controls for your ISMS?

ISMS.online includes practical policies and controls for your organisation to easily adopt, adapt and add to, giving you up to 77% head start with ISO 27001 documentation. 

 

 

Ready to take action?

Discover how ISMS.online can help you achieve or improve on your ISMS objectives

ISMS Online Rating: 5 out of 5
Share This