Having an ISO 27001 system in place mandates a set of documents.  These documents may be the most visible manifestation of a system and certainly the starting point for any ISO 27001 auditor. Naturally before starting to draft documents the organisation will have performed a planning phase and a risk assessment.  Annex A contains an excellent starting point but […]