7.5     Documented  information:

7.5.1    General:

(A)       The organisation has developed and documented its information security management  system to ensure   that products conform to the specified requirements. The information security management  system covers the organisational structure, responsibilities, procedures, processes and resources for implementing effective Information Security Management System .

The information security management  system documented in this MANUAL, describes the policies and procedures in the various areas of the organisation describing different function that ensure compliance to the requirements of ISO 27001: 2013 standard.

(B)              The reference of Procedure, Work Instruction, records and specifications shall be made available at appropriate section of this Manual.  The detailed Organisation Structure is given in Section 9.0 of this Manual.  The detailed interaction between the processes of the Information Security Management System  has been given in the Manual.

7.5.2: Creating and updating

INFORMATION SECURITY MANAGEMENT SYSTEM MANUAL (ABCPL/ISMS/01)

This document defines the policy and objectives of the organisation addressing the requirements of ISO 27001:2013it refers to the other levels of quality system documentation at appropriate place.  Each section of the manual describes a particular aspect of the quality system and related procedures. The Manual does not have the details of clause as detailed on the cover page of the manual , The justification of the exclusion is provided in the respective section of the statement of applicability.

This INFORMATION SECURITY MANAGEMENT SYSTEM MANUAL shall be numbered as ABCPL /ISMS/XX, where –

ABCPL: M/S ABC PVT. LTD.

ISMS:  INFORMATION SECURITY MANAGEMENT SYSTEM MANUAL

XX:   Issue Status of the Manual

Procedures:  The procedures required by this international standard are prepared as per the procedure for the documentation control and generation procedure.