The ISMS Manual defines how an organisation's Information Security Management System (ISMS) is managed. The document covers all of the clauses within the ISO 27001 standard, as well as the mandatory controls covered in Annex A of the standard. The manual is set up with the same structure as the standard, which makes it easier to use and cross-reference with individual clauses.
Our ISMS Manual provides the framework for your information security management system and can be used as a guideline for all employees who need to be aware of information security to some extent.
The purpose of the ISMS Manual is to outline how information security is managed within the business and how the organisation minimises its risk of security breaches. The ISMS Manual additionally ensures that an organisation covers all of the clauses within ISO 27001, which is required if it wants to get certified to the standard.
This manual is the main reference document, outlining all of the information security management activities within an organisation. It is additionally supported by other documents such as the Information Security Policy and Statement of Applicability, amongst others. The Statement of Applicability is where you detail how each of the controls from Annex A is covered.
This document is for ISO 27001 only; however, if you are implementing an Integrated Management System (IMS), you can use our IMS Manual to cover the different standards included as part of your management system.
The document can be purchased individually or as part of a package. If you are implementing a management system based on one or more of the main ISO standards, then our management system packages might be more cost-effective.
Our standard management system packages cover a combination of ISO 9001, ISO 14001, ISO 27001 and ISO 45001. However, additional standards can easily be included if needed.