Discover how to implement ISO 27001 Capacity Management and pass the audit. This step by step tutorial walks you through how to implement it, pass the audit, common mistakes people make and what an auditor will look for.

🧰 Do It Yourself ISO 27001 Certification with the Ultimate ISO 27001 Toolkit - [ Ссылка ]

🤓 Learn Capacity Management ISO 27001- [ Ссылка ]

*What is ISO 27001 Capacity Management?*
ISO 27001 Annex A 8.6 Capacity Management is an #ISO27001 control that looks to make sure you have the resources you need to the things that you need to do.

*Purpose*
The purpose of ISO 27001 Annex A 8.6 Capacity Management is to ensure the required capacity of information processing facilities, human resources, offices and other facilities.

*How to implement ISO 27001 Capacity Management*
The steps to implement Capacity Management ISO 27001 for #iso27001certification are:
1. Have procedures in place
Write, approve, implement and communicate the documentation required for capacity management.
2. Assess your capacity requirements and perform a risk assessment
Conduct a risk assessment and work out what your capacity requirements are.
3. Implement controls proportionate to the risk posed
Based on the risk and requirements implement the controls that are proportionate. Set upper limits for capacity, implement triggers and put in places processes to respond to those triggers and alerts.
4. Keep records
For audit purposes you will keep records. Examples of the records to keep include changes, updates, monitoring, review and audits.
5. Test the controls that you have to make sure they are working
Perform internal audits that include the testing of the controls to ensure that they are working.

свернуть