Functionality available within the Policies and Controls feature area
Policies & controls
Your management system needs to work for you. You’ll know that policies and controls are right at the heart of bringing your management system to life and making it all worthwhile. You’ll have other stakeholders’ expectations to manage too e.g. auditors, board members, colleagues, so you’ll need a platform that will help you with creating, collaborating, controlling and communicating those policies effectively, in one place, in order to achieve compliance or certification.
We’ve summarised our approach to policies and controls here, and the best way to see the power of our Policies & Controls feature is through a live demo.
Whether you’re looking to achieve compliance or certification, creating the right documentation can be difficult. The tools and features that are included with our platform make it simple.
ISMS.online comes with easy to use ‘Notes’ sections, allowing you to write your documentation within the platform. You can create policies and controls from scratch, or build on our Adopt, Adapt, Add content, using our pre-loaded actionable documentation to get a kick-start from the moment you log on. You can also easily upload supporting files in all standard formats as well as migrate and import existing policies and procedures.
Our joined-up solution will simplify how you navigate across the system and make it easy to work as a team. You’ll want to be able to determine who will be involved with your management system, and delegate work in a unified space. You’ll also want to be able to easily search for information which is a common pain point. Our approach solves all of your collaboration concerns, with:
- Easy searching and filtering for all of your documentation
- A clear work ownership process, making it easy for you to manage your team and understand what is assigned to each user
An effective management system should also enable you to effortlessly link your work together.
To succeed you need to have a joined up system, that allows you to house your policies and controls and easily connect to other areas, such as your assets and risks. ISMS.online’s linking and mapping capability has been built with you in mind and makes it easy to keep everything together, and join it up seamlessly.
ISMS.online will save you costs and reduce frustration on collaborating, communicating and time spent searching for information.
In order to comply and be in control of your management system, you should be able to show a clear audit trail of what changes were made and by whom. It’s important to be able to demonstrate you’re in control of information, with standards such as ISO 27001, requiring regular reviews. ISMS.online provides clear visibility of everything that takes place within your management system, with version control for your documents, time stamps and a live updates feed that records every action.
The approval process simplifies how you review your policies and you can assign policies to other users which can be submitted for approval. The integrity of your work can be easily managed, by creating reminders for review at a time to suit you. Once your policy has been approved, you can prevent any further changes from being made, by ‘locking’ your policies and then easily reopen and update versions if you need to later on.
When working within a management system, you’re likely to have many stakeholders that you’ll want to communicate with. The size of your implementation team might vary, but ISMS.online makes it simple to keep everyone informed, irrespective of how many people are involved.
We make it easy for you to share documents and assign responsibility.When you would like to collaborate with team members on an area, ISMS.online gives you the ability to task others with reminder dates and engage in discussions, showing thought processes to auditors.
Once you have created your policies, ISMS.online allows you to effortlessly manage staff and stakeholder policies in one place, through our optional Policy Packs feature. Policy Packs simplify the entire compliance journey, by allowing you to assign policy audiences, onboard new users with ease and monitor visibility of compliance.
As you work within your management system, you’ll want to be able to demonstrate status. Our progress reporting and management dashboard provide a bird’s eye view that can easily be shared with stakeholders, enabling dynamic change management.
We’ve also made it simple when it comes to conducting management reviews, corrective actions and audits with pre-built work areas, saving you time on unnecessary processes.
ISMS.online is a sustainable environment and will facilitate the evolution of your organisation. Whether you’re looking for an Integrated Management System (IMS), or to expand into new frameworks or standards without the need for an IMS, we’ve got you covered. We make it easy for you to add in frameworks and standards as you grow and evolve. As you integrate new frameworks with your existing management system, you’ll be able to connect them with your existing work, which will bring you closer to meeting other standards or regulations.
Security & Privacy
No matter the standards or regulations you’re working towards, it’s likely to involve storing important information. It’s key that you’re able to trust where your content and documentation is stored and that it ensures confidentiality, availability and integrity.
ISMS.online prides itself in providing an easily accessible solution, whilst maintaining high levels of security, assuring peace of mind. See our security credentials here.
Our practical user permission controls and privacy settings also allow you to restrict who has access to your documentation.
Standard specific e.g. ISO 27001
We’ve aligned our ISMS solution with ISO 27001, meaning that the platform is centered around meeting the requirements of the standard.
This means that there’s no need to worry about satisfying requirement 7.5 Documented Information, as you can be assured that features such as ownership and version control are included with this in mind.
You need an easy place to regularly review policies. Our review process built-in to the policies and controls area will help to ensure that policies are reviewed appropriately, as required for A.5.1.2.
For Annex A.18.2 – compliance, we’ve made it easy to collaborate and show you’ve had peer type reviews where it makes sense.
We’ve also made the Statement of Applicability simple by automating it so you can spend your valuable time elsewhere.