iso 27001 mandatory documentation

D106: DEMO OF ISO 27001:2013 DOCUMENT KIT Price 450 USD

Complete editable Information security editable document tool kit (Policy, manual, procedures, forms, audit checklist, work instruction etc.)

Buy: http://www.globalmanagergroup.com/iso-27001-it-security-standard-

documents-manual-procedure-auditchecklist.htm

www.globalmanagergroup.com E mail [email protected] Tele: +91-79-2656 5405 of 12

A. The entire Editable Document kit has 8 main directories as below.

Sr. No.

List of Directory Document of Details

1. ISMS Manual 13 files in Ms. word

2. Information Security Policy 23 policies – 63 pages in Ms. word

3.

Procedures 19 procedures – 100 pages in Ms. word

IS Procedure 12 procedures – 68 pages in Ms. word

ISMS Procedure 07 procedures – 32 pages in Ms. word

4. Standard Operating Procedures 09 SOPs – 41 pages in Ms. Word

5. Process Flow Charts 06 process flow chart – 21 pages in Ms. word

6.

Formats / Templates

Name of departments 45 formats – approx. 80 pages in Ms. Word

HR 04 formats in Ms. Word

HW( Maintenance) 02 formats in Ms. Word

Information Security (IS) 15 formats in Ms. Word

IS Management System (ISMS) 09 formats in Ms. Word

Marketing (MKT) 04 formats in Ms. Word

Purchase (PUR) 02 formats in Ms. Word

Software (SOFT) 05 formats in Ms. Word

Training (TRG) 06 formats in Ms. Word

7. Filled Formats 14 formats – approx. 40 pages in Ms. Word

Filled Job Description 05 filled formats in Ms. Word

8. ISMS Audit Checklist More than 500 questions

ISMS good practices audit checklist

Total more than 500 questions ISO 27001:2013 Clause wise questions

ISO 27001:2013 Controls Audit Checklist

Total 131 files quick download in editable form by e delivery

To get more information about ISO 27001:2013 Documentation kit Click Here

Chapter-1.0 CONTENTS OF ISO 27001:2013 DOCUMENT KIT

(More than 120 document files)

http://www.globalmanagergroup.com/iso-27001-it-security-standard-documents-manual-procedure-auditchecklist.htm






B. ISO 27001-2013 requirement wise documents list:

Document No. Document Title and ISO 27001-2013 requirement and controls title Number of

pages / Sheets

Project resources

Section 04. Context of the organisation

ISMS/1 Information security management system Manual

IP/IS/01 Procedure for scope documentation and implementation 03 pages

IP/IS/02 Approach procedure for ISMS implementation 08 pages

sample scope sample scope template 15 pages

Section 05. Leadership.


F/HR/04 Job description and specification

F/SOFT/02 minutes of meeting form( Include top mgt communication) 01 page

Section 06. Planning

IP/IS/03 Procedure For Risk Management 12 pages

IP/IS/05 Procedure For Assets Classification & Control 07 pages

F/IS/01 form for Asset Identification and Classification 01 page

F/IS/02 form for Risk Assessment and Treatment Plan 01 page

F/IS/11 Form for Statement of Applicability 03 sheets

F/IS/08 form for ISMS Objective Monitoring Report 02 sheets

F/IS/09 Key Activities Input And Output report 01 sheet

F/ISMS/05 Form for IS Objectives implementation Plan

F/IS/06 Capacity Planning template 01 sheet

Filled forms sample filled forms for asset identification

Filled forms sample filled forms for risk assessment and treatment 01 sheet

Filled forms sample filled forms for objective monitoring 02 sheets

Section 07. Support

IP/ISMS/02 Procedure for the Documented Information control 07 pages

IP/ISMS/04 Procedure for the control of records. 04 pages

IP/IS/08 Procedure For Communication & Operational Management 07 pages

IP/ISMS/07 Procedure For Personnel Training 03 pages

F/ISMS/01 Master list and distribution list of documents form 01 page

F/ISMS/02 Change note ( documents) form 01 page

F/ISMS/04 Master list of record 01 page

F/TRG/01 Training calendar form 01 page

F/TRG/02 Employees competence report 01 page

F/TRG/03 Induction Training Report 01 page

F/TRG/05 Skills Matrix Sheet 01 sheet

F/TRG/04 Training Report 01 page

F/SOFT/04 Change Request(software and hardware) 04 sheets

Section 08. Operation

F/PUR/01 Purchase Order form 01 page






F/IS/12 Implementation Of Recommended Controls form 02 Sheets

F/IS/13 Outsourced Service Details form 01 sheet

IP/IS/03 Procedure For Risk Management 12 pages

F/IS/10 Information security risk assessment report

F/IS/02 form for Risk Assessment and Treatment Plan 01 page and

02 sheets

IP/IS/10 Procedure For System Development And Maintenance 03 pages


Filled forms Risk treatment plan filled form 01 pages

E/ISMS/02/PUR Purchase and outsourced activity process 04 pages

Section 09. Performance Evaluation

IP/ISMS/05 Procedure For Internal Information Security Management System Audit

04 pages

IP/ISMS/01 Procedure For Management Review 03 pages

F/ISMS/06 Audit Plan / Programme form 01 page

F/ISMS/07 Internal ISMS Audit NCR Report 01 page

F/ISMS/08 ISO 27001:2013 Audit Check List Report 02 pages

F/IS/08 ISMS Objective Monitoring Report 02 sheets

F/IS/12 Implementation Of Recommended Controls form 02 sheets

SOP08 Standard Operating Procedure for Audit trails 06 pages

Section 10. Improvement

IP/ISMS/06 Procedure for control of nonconformity and improvement 05 pages

SOP07 Information security incident management Procedure 13 pages

IP/ISMS/03 Procedure For Corrective Action 05 pages

F/ISMS/03 Format for Corrective Action Report 01 page

F/ISMS/09 format for Continual Improvement Monitoring Log 01 page

Section A5. Security Policies


Policy/1 to Policy/23

Information Security policy 63 pages

F/ISMS/01 Master List And Distribution List Of Document 01 page

Section A6. Organisation of Information Security

IP/IS/04 Procedure For Organization Security 05 pages

F/HR/04 Job description and specification form

Sample filled job description

SOP01 Procedure for liaison with Specialist Organizations 01 page

Policy/18 Mobile Computing Policy 03 pages

Section A7. Human Resources security

IP/IS/06 Procedure For Personnel Security 04 pages

IP/ISMS/07 Personnel and training 03 pages

F/HR/02 Employee leaving/transfer/termination Checklist 01 page

F/HR/03 Employment confidentiality and Non-competition agreement 07 pages

Policy/17 Training Policy 02 pages

F/TRG/03 Induction Training Report 01 page






F/TRG/05 Skills Matrix Sheet 01 sheet

F/TRG/04 Training Report 01 page

Section 08. Asset Management

IP/IS/05 Procedure For Assets Classification & Control 07 pages

Policy/01 Acceptable Use policy-Information Services 03 pages

SOP05 Procedure for the Management of Removable Media 03 pages

F/IS/01 Form for Asset Identification and Classification 01 page and

02 sheets

Policy/06 policy for Physical Media & Disposal of Sensitive Data 02 pages

F/IS/04 Media Disposal and Scrap Record 01 page

Section A9. Access Control

IP/IS/09 Procedure For Access Control 05 pages

ISMS015001 IT Access Control Policy

F/IS/03 New User Creation Form 02 pages

Policy/03 Policy For Access Card 01 page

Policy/09 Password Policy 02 pages

Policy/11 User registration Access Management policy 04 pages

Policy/12 Policy for working in Secured Areas 02 pages

F/HR/01 Visitor Entry Register 01 page

Section A10. Cryptography

Policy/15 Cryptographic Policy 04 pages

Section A11. Physical and environmental Policy

IP/IS/07 Procedure For Physical And Environmental Security 02 pages

SOP03 Sop For Software Configuration Management 08 pages

F/HW/01 Breakdown History Card form 01 page

F/HW/02 Preventive Maintenance Check List 01 sheet

Policy/02 Infrastructure Policy 05 pages

Policy/05 Clear desk and clear Screen Policy 02 pages

Policy/14 Work Station Policy 02 pages

Policy/07 Electronic Devices Policy 01 page

Policy/08 Laptop Policy 02 pages

Section A12. Operation security.

SOP08 Standard Operating Procedure for Audit trails 06 pages

SOP04 Procedure for Server Hardening 04 pages

Policy/04 Back up Policy 03 pages


Policy/22 Change Control policy 08 pages

F/MKT/01 Contract Review Checklist / Summery of Contract 01 page

F/MKT/04 Service Level Agreement 12 pages

F/IS/06 Capacity Planning form 01 sheet

SOP06 Procedure for the Handling of Virus Attacks 02 pages


F/SOFT/04 Change Request(software and hardware) 03 sheets

Policy/10 Patch Management 01 page






Policy/23 Freeware and Shareware Policy 01 page

Section A13. Communication security


Policy/16 LAN Policy 07 pages

Policy/20 Internet 02 pages

Policy/21 Messenger And E mail policy 03 pages

SOP02 SOP For Group Internal And E-mail Usage Procedure 05 pages

Section A14. System acquisition, development and maintenance

IP/IS/10 Procedure For System Development And Maintenance 03 pages

F/SOFT/01 Software Project Plan and Review Approval Register 01 page

F/SOFT/02 Minutes of meeting 01 page and

01 sheet

F/SOFT/03 Configuration Items List 05 pages

F/SOFT/04 Change Request Hard ware and soft ware CM items) 03 sheets


Section A15. Supplier relationship

IP/IS/04 Procedure For Organization Security 05 pages

E/ISMS/02/PUR Purchase process flow 04 pages

F/PUR/02 Material Inward / Outward Record 01 page

F/HR/03/01 Supplier confidentiality and Non-competition agreement 07 pages

F/IS/13 Outsourced Service Details 01 sheet

F/PUR/03 Approved supplier list

Section A16. Information security incident management

SOP07 Information security incident management Procedure 13 pages

SOP06 Procedure for the Handling of Virus Attacks 05 pages

IP/ISMS/06 Procedure for control of nonconformity and improvement 05 pages

F/IS/05 Security incident Investigation Form 02 sheets

Section A17. Information security aspects of business continuity management

IP/IS/11 Procedure for Business Continuity Management Planning 09 pages

SOP09 SOP for Business Continuity Plan 09 pages

Filled form Sample business continuity test report 02 pages

F/IS/07 Business Continuity Test Report 01 page

Section A18. Compliance

IP/IS/12 Procedure For Compliance with Legal Requirements 03 pages

Master guidelines

ISO27001 2013 Document template set with Clausewise and control wise guidelines

ISO 27001 complete set compliance set

ISMS sample policy

ISO 27001-2013 requirements audit checklist

ISO 27001-2013 control wise audit checklist

Good practices and ISMS control audit questions

Total list of all documents

Note: 1. IP: information security procedures 2. Policy: Policy documents 3. SOP: standard operating procedures 4. E/ISMS: Process flow charts 5. Formats






C. Documentation: -

Our document kit is having sample documents required for ISO certification as listed below. All documents are in word and you can edit it. You can do changes as per your company need and within 2 days your entire documents with all necessary controls are ready and our many organization are certified globally in 1

st trial with the help of our documents from any stringent

certification audit. Under this directory further files are made in word Document as per the details listed below. All the documents are related to any kind of manufacturing/process industry.

1. ISO 27001:2013 - ISMS Manual:

It covers sample copy of Information Security and Quality Manual and clause wise details for how ISO 27001-2013 systems are implemented. It covers list of procedures as well as overview of organization and covers tier1 of ISO 27001-2013 documents.

(A) Table of Contents

Chapter

No. Subject

Page

No.

ISO: 27001 2013

Clause Reference

Section – 1

1. Table Of Contents and Authorization Statement 1 – 2 -----

2. Company Profile 1 – 2 -----

3. Control and Distribution 1 – 3 -----

Section – 2

Chapter No. Title Page no. ISO:27001 REQ.

4.

Context of the Organization

1 – 7

4.0

Understanding the organization and its context 4.1

Understanding the needs and expectations of interested parties

4.2

Determining the scope of the information security management system

4.3

Information security management system 4.4

5.

Leadership

1 – 10

5.0

Leadership and commitment 5.1

Policy 5.2

Organizational roles, responsibilities and authorities 5.3

6.

Planning

1 – 2

6.0

Actions to address risks and opportunities 6.1

General 6.1.1

Information security risk assessment 6.1.2

Information security risk treatment 6.1.3

Information security objectives and planning to achieve them

6.2

7.

Support

1 – 6

7.0

Resources 7.1

Competence 7.2

Awareness 7.3

Communication 7.4

Documented information 7.5

General 7.5.1






Creating & Updating 7.5.2

Control of documented information 7.5.3

8.

Operation

1 – 5

8.0

Operational planning and control 8.1

Information security risk assessment 8.2

Information security risk treatment 8.3

9.

Performance Evaluation

1 – 5

9.0

Monitoring, measurement, analysis and evaluation 9.1

Internal audit 9.2

Management review 9.3

10.

Improvement

1 – 5

10.0

Nonconformity and corrective action 10.1

Continual Improvement 10.2

Annexure

ANX-I List Of ISMS and IS Procedures 1 – 2 -

ANX-II Glossary Of Terms 1 – 1 -

ANX-III Process Flow Chart 1 – 4 -

2. Information security Policies for ISMS controls (23 policies)

It covers guideline for controls applied as per ISO 27001-2013 guidelines. The policy document templates are provided to frame the information security controls as listed below.

List of Policy

1. Policy/01 Acceptable Use policy-Information Services 13. Policy/13 Visitor Policy

2. Policy/02 Infrastructure Policy 14. Policy/14 Work Station Policy

3. Policy/03 Policy For Access Card 15. Policy/15 Cryptographic Policy

4. Policy/04 Back up Policy 16. Policy/16 LAN Policy

5. Policy/05 Clear desk and clear Screen Policy 17. Policy/17 Training Policy

6. Policy/06 Physical Media & Disposal Sensitive Data 18. Policy/18 Mobile Computing Policy

7. Policy/07 Electronic Devices Policy 19. Policy/19 Teleworking Policy

8. Policy/08 Laptop Policy 20. Policy/20 Internet

9. Policy/09 Password Policy 21. Policy/21 Messenger And E mail

10. Policy/10 Patch Management 22. Policy/22 Change Control

11. Policy/11 User registration Access Management 23. Policy/23 Freeware and Shareware Policy

12. Policy/12 Policy for working in Secured Areas

3.0 ISO 27001-2013 procedures 3.1 IS Procedures: (12 Procedures)

It covers sample copy of mandatory all the Information security procedures as well as Information security procedures covering all the details as per ISO 27001-2013 requirements.

List of IS Procedures

1. IP/IS/01 Scope Documentation For Implementation

2. IP/IS/02 Approach Procedure For ISMS Implementation

3. IP/IS/03 Procedure For Risk Management

4. IP/IS/04 Procedure For Organization Security

5. IP/IS/05 Procedure For Assets Classification & Control

6. IP/IS/06 Procedure For human resource Security






7. IP/IS/07 Procedure For Physical And Environmental Security

8. IP/IS/08 Procedure For Communication & Operational Management

9. IP/IS/09 Procedure For Access Control

10. IP/IS/10 Procedure For System Development And Maintenance

11. IP/IS/11 Procedure for Business Continuity Management Planning

12. IP/IS/12 Procedure For Legal Requirements

3.2 ISMS Procedures: (07 Procedures)

It covers sample copy of mandatory all the Information security management system procedures as well as Information security management system procedures covering all the details as per ISO 27001-2013 requirements.

List of ISMS Procedures

1. IP/ISMS/01 Procedure For Management Review

2. IP/ISMS/02 Procedure For Documented Information Control

3. IP/ISMS/03 Procedure For Corrective Action

4. IP/ISMS/04 Procedure For Control Of Record

5. IP/ISMS/05 Procedure For Internal Information Security Management System Audit

6. IP/ISMS/06 Procedure for control of nonconformity and improvement

7. IP/ISMS/07 Procedure For Personnel and Training

4. Standard Operating Procedures (09 SOPs)

It covers sample copy of SOPs to link with significant aspects issues in the organization. It takes care of all such issues and used as a training guide as well as to establish control and make system in the organization. The samples given are as a guide and not compulsory to follow and organization is free to change the same to suit own requirements

List of SOPs

1. SOP01 Procedure for liaison with Specialist Organizations

2. SOP02 Procedure For Group Internal And E-mail Usage Procedure

3. SOP03 Sop For Software Configuration Management

4. SOP04 Procedure for Server Hardening

5. SOP05 Procedure for the Management of Removable Media

6. SOP06 Procedure for the Handling of Virus Attacks

7. SOP07 Information security incident management Procedure

8. SOP08 Standard Operating Procedure for Audit trails

9. SOP09 SOP for Business Continuity Plan

5. Process Flow Charts: (06 Process Flow Charts)

It covers guideline for processes, process model. It covers process flow chart activities of all the main and critical processes with input-output matrix for manufacturing organization. It helps any organization in process mapping as well as preparing process documents for own organization.

List of Process Flow Chart

1. E/QMS/02/BPO Tax Account Related BPO-Work

2. E/QMS/02/MKT Marketing

3. E/QMS/02/PUR Purchase

4. E/QMS/02/SOFT Software Development

5. E/QMS/02/TRG HRD and Training

6. E/QMS/02/WEB Web Application






6. Blank Formats: (45 Blank Formats)

It covers sample copy of blank forms required to maintain records as well as establish control and make system in the organization. The samples given are as a guide and not compulsory to follow and organization is free to change the same to suit own requirements.

List of Blank Formats

HR 24. New User Creation Form

1. Visitor Entry Register 25. Media Disposal and Scrap Record

2. Employee leaving/transfer/termination Checklist 22. Asset Identification and Classification

3. Employment confidentiality and Non-competition agreement

23. Risk Assessment and Treatment Plant

4. Job Description and Specification 26. Security incident Investigation Form

5. Supplier confidentiality and Non-competition agreement 27. Capacity Planning

Training 28. Business Continuity Test Report

6. Training Calendar 29. ISMS Objective Monitoring Report

7. Employees Competence Report 30. Key Activities Input And Output

8. Induction Training Report 31. Asset Identification And Classification

9. Training Report 32. Statement Of Applicability report

10. Skills Matrix Sheet 33. Implementation Of Recommended Controls

Purchase 34. Outsourced Service Details

11. Purchase Order Hardware 12. Material Inward / Outward Record 35. Breakdown History Card

13. Approved supplier list 36. Preventive Maintenance Check List

Marketing ISMS (Information Security Management Security)

14. Contract Review Checklist / Summery of Contract 37. Master List And Distribution List Of Document

15. Customer Complaint Report 38. Change Note

16. Customer Feed Back Form 39. Corrective Action Report

17. Service level agreement 40. Master List Of Record

Software 41. IS Objectives implementation Plan

18. Software Project Plan and Review Approval Register 42. Audit Plan / Programme

19. Minutes of meeting 43. Internal ISMS Audit NCR Report

20. Configuration Items List 44. ISO 27001:2013 Audit Check List Report

21. Change Request 45. Continual Improvement Monitoring Log

IS (Information Security)

7. Filled Formats: (14 Filled Formats)

It covers sample copy of filled forms required to maintain records as well as establish control and make system in the organization. The filled samples given are as a guide and not compulsory to follow and organization is free to change the same to suit own requirements.

List of Filled Formats

1. Asset Register and Evaluation 9. Scope Document for ISMS Implementation

2. Business Continuity Test Report Job Description

3. Asset Identification And Classification 10. Job Description and Specification - Director

4. Risk Assessment and Treatment Plan 11. Job Description and Specification – HR Head

5. Master Compliance Matrix 12. Job Description and Specification – ISMS Head

6. ISMS Objectives Monitoring Sheet 13. Job Description and Specification – Networking Engineer

7. People Assets 14. Job Description and Specification – Software Developer

8. Risk Assessment And Treatment Plan






8. Audit Checklist (More than 500 Audit check list questions)

ISO 27001-2013 requirement wise as well as technical audit checklist and best practices are given.

1. ISMS Good Practices Audit Checklist

2. ISO 27001:2013 Clausewise

3. ISO 27001:2013 Controls Audit Checklist

Global manager group is a progressive company and promoted by a group of qualified engineers and management graduates having rich experience of 20 years in ISO consultancy and management areas. The company serves the global customers through on-site and off-site modes of service delivery systems. We offer a full range of consulting services geared towards helping all types of organizations to achieve competitiveness, certifications and compliance to international standards and regulations. So far we had more than 1200 clients in more than 45 countries. Our ready made training and editable document kit helps the client in making their documents easy and make them complying to related ISO standard faster.

1. Our promoters and engineers have experience of more than 1200 companies globally for management training, ISO series consultancy. We had clients in more than 45 countries.

2. Highly qualified 40 team members (M.B.A., Degree engineers) and owner is having rich professional experience (since 1991).

3. We have 100% success rate for ISO series certification of our clients from reputed certifying body and branded image and leading name in the market.

4. Suggest continual improvement and cost reduction measures as well as highly informative training presentations and other products gives payback within 2 months against our cost.

5. So far more than 50000 employees are trained by us in ISO series certification. 6. We had spent more than 60000 man-days (170 man years) in preparing ISO

documents and training slides.

Global Manager Group is committed for:

1. Personal involvement & commitment from first day

2. Optimum charges

3. Professional approach

4. Hard work and update the knowledge of team members

5. Strengthening clients by system establishment and providing best training materials in any areas of management to make their house in proper manner

6. To establish strong internal control with the help of system and use of the latest management techniques.

Chapter-2.0 ABOUT COMPANY






3.1 Hardware and Software Requirements

A. Hardware: -

Our document kit can be better performed with the help of P3 and above computers with a minimum 10 GB hard disk space.

For better visual impact of the power point Documentation you may keep the setting of colour image at high colour.

B. Software used in Documentation kit

Documents written in Ms office 2003 and window XP programs. You are therefore required to have office 2003 or above with window XP

3.2 Features of Documentation kit: -

Contains all necessary documents as listed above and comply with the requirements of ISO Standards

Written in Plain English

It will save much time in typing and preparation of documents alone.

User-friendly and easy to learn.

Developed under the guidance of experienced experts.

Provides model of a Management system that is simple and free from excessive paperwork.

Chapter-3.0 USER FUNCTION






1. By using these documents, you can save a lot of your precious time while preparing the ISO 27001-2013documents.

2. Take care for all the section and sub sections of ISO 27001standard and helps you in establishing better system.

3. Document kit enables you to change the contents and print as many copies as you need. The user can modify the documents as per their industry and create own ISO 27001-2013documents for their organization

4. Readymade templates and sample documents are available which can reduce your time in document preparation.

5. Save much time and cost in document preparation.

6. The audit questions helps in making perfect audit checklist.

For purchase Click Here BUY

Visit our web site for more documentation kit:

http://www.globalmanagergroup.com/E-Shop.aspx

Chapter-4.0 BENEFITS OF USING OUR DOCUMENT KIT

http://www.globalmanagergroup.com/Cart.aspx?prodid=G3YX9SQjp9w=

http://www.globalmanagergroup.com/E-Shop.aspx