ISO 27001 SAMPLE FORM TEMPLATE

ISO 27001
CONTROL DESCRIPTION OBJECTIVE/DELIVERABLE RELATED ASSETS IMPLEMENTED? ASSET REFERENCE NUMBER
CONTROL

Define, approve, publish, and

5 Information Security Policy communicate IS policies to relevant Reputation, backups
stakeholders.
✘

Provide support and direction in

Management direction for information
5.1 accordance with requirements and 51236
security
regulations. ✘

6 Organization of information security

Information security roles and

6.1.1 611589
responsibilities

7 Human resources security

7.1.2 Terms and conditions of employment 712569

8 Asset management

8.1.2 Responsibilities for assets 812369

9 Access control

9.2.6 Responsibilities for assets 926547

10 Cryptography

11 Secure areas
11.1.1 Physical security perimeter 111136
Any articles, templates, or information provided by Smartsheet on the website are for reference
only. While we strive to keep the information up to date and correct, we make no
representations or warranties of any kind, express or implied, about the completeness,
accuracy, reliability, suitability, or availability with respect to the website or the information,
articles, templates, or related graphics contained on the website. Any reliance you place on
such information is therefore strictly at your own risk.

This template is provided as a sample only. This template is in no way meant as legal or
compliance advice. Users of the template must determine what information is necessary and
needed to accomplish their objectives.