ISO 27001 Main steps

ISO 27001 – Core of your Conformio account

In Conformio, is the core of your ISO 27001 implementation and, later, its ongoing maintenance. This wizard, as we call it, offers you a simple and easy way to implement the ISO 27001 standard in your company. It is intuitive and easy to use, with helpful text, articles, and videos along the way, guiding you through the process so you always know what to do next.

ISO 27001 Main steps - Support Center
Figure 1. ISO 27001 Main Steps

How to navigate ISO 27001 Main Steps

To access your ISO 27001 Main Steps, simply click in the left navigation bar on the ISO 27001 Main Steps.

ISO 27001 Main steps - Support Center
Figure 2. Click on ISO 27001 Main Steps in left sidebar

The step-by-step wizard was created in such a way as to guide you through the implementation of the ISO 27001 standard. Each mandatory document needed to implement the ISO 27001 standard, and some commonly used non-mandatory documents, are presented as implementation steps. In each step, we have included basic information about the step, as well as information about the document or register that needs to be created as part of that step.

ISO 27001 Main steps - Support Center
Figure 3. Details of the step and document

Opening of the Document or Register wizard

As already mentioned, each step has its own document or register to be filled out. You can access these in the beginning of each step. Conformio asks if you would like to edit this document or register in Conformio, and after clicking yes, the “Open Document (or Register) Wizard” button pops up.

ISO 27001 Main steps - Support Center
Figure 4. Open Document Wizard in the step of Conformio

When you click on the button, the Conformio Document wizard or Register wizard will open with the document or register tied to that step. These wizards are explained in more detail in the article: Working on ISO 27001 documents in Conformio.

ISO 27001 Main steps - Support Center
Figure 5. Opened Document wizard

Conformio’s automation smoothly uses the information you already provided in the Getting Started wizard, so you don’t have to worry about adding your company name, company logo, classification, etc., on each document. Conformio will do that for you.

Awareness, Training, and Resources sections of the step

To make the implementation of the standard easier, and to familiarize your team with each step, we have included the following sections: Awareness, Training, and Resources.

In the Awareness section, Conformio suggests materials that you can use to raise awareness among your colleagues about the implementation of the ISO 27001 standard in your company. You just need to choose the Conformio users who will need to read those materials and click “Send materials,” after which Conformio sends notifications their way.

ISO 27001 Main steps - Support Center
Figure 6. Details in the step – Awareness

In the Training section, you can set assignments for your colleagues who have to perform a specific training on the topic related to that step. Just assign them, and then enter the required knowledge and skills, and (optionally) the training name. When you click “Confirm,” Conformio will send this data to the Training module, where you will be able to create a Training Plan for your company.

You can see further details on the Training module in the Training module help article.

ISO 27001 Main steps - Support Center
Figure 7. Details in the step – Training

If you need any extra resources for the execution of the step, you can ask for them. We have divided these into three categories: Technology, Human Resources, and Finance. Just enter what you need below each section and click “Confirm.” Conformio will automatically send a notification to the person responsible for approving the resources in the project, stating that they need to approve or reject the requested resources for finishing the step. This information is also automatically forwarded to your Risk Treatment Plan.

ISO 27001 Main steps - Support Center
Figure 8. Details in the step – Resources

Once your document or register is finished and approved in the Document or Register wizard, and the Awareness, Training, and Resources fields are filled and checked, the step can be finished. You just need to click on the “Finish Step” button and you can proceed to the next step of your project.

ISO 27001 Main steps - Support Center
Figure 9. Finish step button

Contact us if you have any questions: support@conformio.com

CONTACT US

OUR PARTNERS


  • Advisera is Exemplar Global Certified TPECS Provider for the IS, QM, EM, TL and AU Competency Units.

  • ITIL® is a registered trade mark of AXELOS Limited. Used under licence of AXELOS Limited. All rights reserved.

  • DNV GL Business Assurance is one of the leading providers of accredited management systems certification.