In order to help you find out whether ISO/IEC 27001 applies to your organisation, we have constructed this simple questionnaire. To use it, answer the questions and submit. We will then tell you how interested in ISO/IEC 27001 you ought to be and the likely scope of certification you require.
The questions are written from a supplier's point of view. You can try to answer them as a customer to determine what the scope of certification your suppliers should have, if any.
Remember, ISO/IEC 27001 concerns information security, not just IT, so don't forget to include media such as paper, video telephones, faxes and other forms of electronics as well as personnel, procedures and physical aspects when you answer these questions.
No comments:
Post a Comment