The ISO 27001 Manual specifies the requirements for establishing, implementing, maintaining and continually improving an Information Security Management System (ISMS) within the context of overall business requirements. It specifies the implementation of security controls customized to the objectives and needs of the organization. The scope of the ISMS Manual specifies the requirements for establishing, implementing, maintaining and continually improving the Information Security Management System.
The ISO 27001 Manual, very similar to the Quality Manual in ISO 9001, could be a document that explains how an organization will comply with the ISO 27001 requirements and which procedures will be used in the ISMS. The ISMS Manual could be a bundle of all the documents that are produced for the ISMS: basically, the idea here would be to place all the policies, procedures, working instructions, forms, etc. into a single book so that they would be easier to read. In short, this ISMS Manual explains the Organization’s approach to information security. It contains the Management Policy Statement on Information Security in the Organization, and it identifies which of the controls apply to the Organization, complementing the Organization’s Statement of Applicability. Together with any separately published policies and guidelines, the ISO 27001 Manual is the Organization’s Level 1 ISMS documentation.