ISO 27001 5.3 – Organisational roles, responsibilities and authorities
ISO 27001 Section 5.3 – Organisational roles, responsibilities and authorities
Depending on the size and nature of your organisation you are likely to have a number of different roles, responsibilities that need to be set. When doing this it is important to ensure the authorisation levels are appropriate. It is also important that these roles are communicated to the organisation.
These roles will include:
- making sure the information security management system continues to conform to the requirements of the International Organisation for Standardisation
- ISMS performance reporting