ISO 27001 Main steps
ISO 27001 – Core of your Conformio account
In Conformio, ISO 27001 Main Steps is the core of your ISO 27001 implementation and, later, its ongoing maintenance. This wizard, as we call it, offers you a simple and easy way to implement the ISO 27001 standard in your company. It is intuitive and easy to use, with helpful text, articles, and videos along the way, guiding you through the process so you always know what to do next.
How to navigate ISO 27001 Main Steps
To access your ISO 27001 Main Steps, click ISO 27001 Main Steps in the left navigation bar.
The step-by-step wizard is designed to guide you through the implementation of the ISO 27001 standard. Each mandatory document needed to implement the ISO 27001 standard, and some commonly used non-mandatory documents, are presented as implementation steps. In each step, we have included basic information about the step, as well as information about the document or register that needs to be created as part of that step.
Opening of the Document or Register wizard
As already mentioned, each step has its own document or register to be filled out. You can access these at the beginning of each step. Conformio asks if you would like to edit this document or register in Conformio, and after you click yes, the “Open Document (or Register) Wizard” button appears.
When you click on the button, the Conformio Document wizard or Register wizard will open with the document or register tied to that step. These wizards are explained in more detail in the article: Working on ISO 27001 documents in Conformio.
Conformio’s automation smoothly uses the information you already provided in the Getting Started wizard, so you don’t have to worry about adding your company name, company logo, classification, etc., on each document. Conformio will do that for you.
Awareness, Training, and Resources sections of the step
To make the implementation of the standard easier, and to familiarize your team with each step, we have included the following sections: Awareness, Training, and Resources.
In the Awareness section, Conformio suggests materials that you can use to raise awareness among your colleagues about the implementation of the ISO 27001 standard in your company. You just need to choose the Conformio users who will need to read those materials and click “Send materials,” after which Conformio sends notifications their way.
In the Training section, you can set assignments for your colleagues who have to complete specific training on the topic related to that step. Just assign them, and then enter the required knowledge and skills, and (optionally) the training name. When you click “Confirm,” Conformio will send this data to the Training module, where you will be able to create a Training Plan for your company.
You can see further details on the Training module in the Training module help article.
If you need any extra resources for the execution of the step, you can ask for them. We have divided these into three categories: Technology, Human Resources, and Finance. Just enter what you need below each section and click “Confirm.” Conformio will automatically send a notification to the person responsible for approving the resources in the project, stating that they need to approve or reject the requested resources for finishing the step. This information is also automatically forwarded to your Risk Treatment Plan.
Once your document or register is finished and approved in the Document or Register wizard, and the Awareness, Training, and Resources fields are filled and checked, the step can be finished. You just need to click on the “Finish Step” button and you can proceed to the next step of your project.
Contact us if you have any questions: firstname.lastname@example.org