Overview
Highlight key points about your business.
Last updated
Highlight key points about your business.
Last updated
The Overview
page is the main landing page of the Management
section. It allows you to set your organisation's basic parameters to begin building out your ISMS.
From here you can navigate to the other tabs under the Management
section.
The name of your company.
A responsible person in relation to ISO27001 is an individual or group who is accountable for ensuring the proper implementation and maintenance of information security controls within an organisation. This person is responsible for managing the risks associated with information security and ensuring that all relevant policies and procedures are followed. The responsible person is typically a senior manager or executive who has the authority and resources to make decisions and take action to protect the organisations information assets.
The description section should provide a comprehensive overview of the products and services offered by your business.
Scope refers to the process of identifying and defining the boundaries of the information security management system (ISMS). It involves identifying the assets, systems, processes, and operations that are within the scope of the ISMS and determining the extent to which they are subject to the ISO 27001 requirements.
Exclusions from scope refers to specific areas or activities within an organisation that are not included in the scope of the information security management system (ISMS). These exclusions are typically based on factors such as the level of risk, cost, or complexity, and may be justified by the organisation during the initial scoping process.
Homeworkers are individuals who work from home or remote locations, outside of traditional office environments. In the context of ISO 27001, these individuals are considered part of an organisations workforce and are subject to the same information security policies and procedures as those who work in a traditional office setting. As such, it is important for organisations to ensure that their remote workers are adequately trained in information security practices and are provided with the necessary tools and resources to maintain the confidentiality, integrity, and availability of organisational information.