CERTIKIT ISO27001 Enhanced Gap Assessment Tool


Please note: This sample shows only a small part of the complete Enhanced Gap Assessment tool. This comprehensive gap assessment tool includes the exact text of the ISO27001 Standard broken down by individual requirement within a user-friendly spreadsheet.

ISO/IEC 27001 Enhanced Gap Assessment Tool

Information security management systems: Requirements

Note: Requirements are indicated within the ISO/IEC 27001 standard by the use of the word "shall" and by numbered lists, for example A to G.

| AREA/SECTION | SUB-SECTION | ISO/IEC 27001 REQUIREMENTS | REQS MET? | ACTION NEEDED TO MEET REQ | ACTION OWNER |
|---|---|---|---|---|---|
| 4 Context of the organization | 4.1 Understanding the organization and its context | The organization shall determine external and internal issues that are relevant to its purpose and that affect its ability to achieve the intended outcome(s) of its information security management system. | Yes | | |
| | 4.2 Understanding the needs and expectations of interested parties | The organization shall determine: a) interested parties that are relevant to the information security management system; | Yes | | |
| | | b) the relevant requirements of these interested parties; | Yes | | |
| | | c) which of these requirements will be addressed through the information security management system. | Yes | | |
| | 4.3 Determining the scope of the information security management system | The organization shall determine the boundaries and applicability of the information security management system to establish its scope. | Yes | | |
| | | When determining this scope, the organization shall consider: | | | |
| | | a) the external and internal issues referred to in 4.1; | Yes | | |
| | | b) the requirements referred to in 4.2; | Yes | | |
| | | c) interfaces and dependencies between activities performed by the organization, and those that are performed by other organizations. | Yes | | |
| | | The scope shall be available as documented information. | Yes | | |
| | 4.4 Information security management system | The organization shall establish, implement, maintain and continually improve an information security management system, including the processes needed and their interactions, in accordance with the requirements of this document. | Yes | | |
| Totals: | | | 10 | | |

Purchase online at www.certikit.com. For any questions, please email sales@certikit.com.


CERTIKIT ISO27001 Enhanced Gap Assessment Tool by CertiKit Limited - Issuu