richardk/iso27diy-corp
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Renamed some folders

Browse source
This commit is contained in:
Richard Kranendonk 2026-04-29 14:20:35 +02:00
parent 3542083f69
commit 3c800ae860
278 changed files with 113 additions and 113 deletions
Download patch file Download diff file Expand all files Collapse all files

4
Corpus/Standards/ISO27x/Governance model for Policies and Controls.md
View file

@ -16,7 +16,7 @@ In the ISO 27001 framework, Top Management holds the ultimate accountability. Th
- **Signing Off / Approving:** They must formally approve the information security policy. Any changes to the high-level policy must also be approved by them.
- **Resourcing:** They are responsible for ensuring the resources needed for the ISMS are available.
 see [C.5.1](../../MoCs/ISO_27001_2022_5.1_MoC%20Leadership%20and%20commitment.md), [A.5.1](archive/iso27DIY%20mk%20I/ISO_27002_2022_5.1_MoC%20Policies%20for%20information%20security.md)
 see [C.5.1](../../MoCs/ISO_27001_2022_5.1_MoC%20Leadership%20and%20commitment.md), [A.5.1](legacy/iso27DIY%20mk%20I/ISO_27002_2022_5.1_MoC%20Policies%20for%20information%20security.md)
### **2. Information Security Manager / Competent Personnel**
**Primary Mandate:** _Drafting, Advising, and Reviewing._
@ -58,7 +58,7 @@ To operationalize this model, you can organize your governance activities into t
| **5. Communicating** | **Security Manager/HR** publishes the policy in a format accessible to all employees and relevant external parties. |
| **6. Acknowledging** | **All Personnel** sign or digitally acknowledge that they have read and understood the policy. |
| **7. Reviewing** | **Security Manager** re-evaluates the policy at planned intervals or after significant changes (e.g., a security incident). |
These can be deducted from [C.5.1](../../MoCs/ISO_27001_2022_5.1_MoC%20Leadership%20and%20commitment.md), [A.5.1](archive/iso27DIY%20mk%20I/ISO_27002_2022_5.1_MoC%20Policies%20for%20information%20security.md), C.0.1, and C.0.2
These can be deducted from [C.5.1](../../MoCs/ISO_27001_2022_5.1_MoC%20Leadership%20and%20commitment.md), [A.5.1](legacy/iso27DIY%20mk%20I/ISO_27002_2022_5.1_MoC%20Policies%20for%20information%20security.md), C.0.1, and C.0.2
### **Analogy: The Legislative Process**