The Cove Business Standards Discussion Forums
Monitor the Elsmar Forum
Courtesy Quick Links

Links Elsmar Cove visitors will find useful in the quest for knowledge and support:

Jennifer Kirley's
Conway Business Services

International Quality Services

Marcelo Antunes'
SQR Consulting, and
Medical Devices Expert Forum

Bob Doering
Bob Doering's Blogs and,
Correct SPC - Precision Machining

Ajit Basrur
Claritas Consulting, LLC

International Standards Bodies - World Wide Standards Bodies

AIAG - Automotive Industry Action Group

ASQ - American Society for Quality

International Organization for Standardization - ISO Standards and Information

NIST's Engineering Statistics Handbook

IRCA - International Register of Certified Auditors

SAE - Society of Automotive Engineers

Quality Digest

IEST - Institute of Environmental Sciences and Technology

Single Post View
Old 22nd May 2018, 04:40 AM

Total Posts: 4
Re: Policies Mandatory or essential for ISO 27001 implementation

The difference between policies and procedures is their purpose and the source they come from.

Policy - a formally expressed expectations and intentions of the organization management (Top Management)

Procedure - a detailed description about how to execute a process or an activity (Process Owner, domain expert)

Policies are on a more generic level, defining directions and Top Management's expectations.
On the other hand, procedures are describing how to execute particular processes, prepared by the process owners or experts in the given domain.

Sponsored Links

The time now is 07:38 AM. All times are GMT -4.
Your time zone can be changed in your UserCP --> Options.

Misc. Internal Links

NOTE: This forum uses "Cookies"