Assign topic to the user
Usually, the objectives are set at two levels: 1) General ISMS level, and 2) Security controls. For the point 1) you can use our template Information Security Policy (you can find it in the folder: 03 ISMS Scope Document). And for the point 2), because as you know it is related to the security controls, you can use our template Statement of Applicability (you can find it in the folder: 06 Statement of Applicability).
Regarding to the Plan to achieve the objectives, you need the Risk Treatment Plan. You can find our templates about it in the folder: 05 Risk Assessment and Risk Treatment Methodology.
Finally, I think that this article can be very useful for you ISO 27001 control objectives Why are they important? : https://advisera.com/27001academy/blog/2012/04/10/iso-27001-control-objectives-why-are-they-important/
Comment as guest or Sign in
Jan 12, 2016