The ISO/IEC 27001 control standard requires you to have documented procedures (in most cases) to establish a baseline for your security operations. Without this baseline, the security operations will be inconsistent. A procedure lays the foundation necessary for its constant improvement. This product includes Access Control, Vulnerability Management, Data Backup, Contact with Authorities, Media Sensitization, Physical Security Zoning, and Secure Work Area procedures that are required for your ISMS or the security program.
Security Procedures