‘Commented [7A Toes how oat osm ne ‘taro tow 50 701530 501m ont [oramntzation ogo Se [organization name] Commented [HAG] Tol hw tome cans PROCEDURE FOR DOCUMENT AND RECORD CONTROL, ‘Sues nt eB Cae tae ck this ek Monin 50 cavern Aan a ce teats erento | suneisnaonslsnade. Version ‘Commented (27A8) Ie desert corgspensnoua bem Date of versio: Sieucrsoptoncvte pcr tac tnmaytecusas. Created by Approved by Confident level: ‘oneness ot aa er Stn wa Ae. EC WAN Le{organization name confident level Change history Date Version ] Created by Description of change Oa | 2700IAcademy Basie document outine ‘Table of contents 3. CONTROL OF INTERNAL DOCUMENTS... 3.3 Document with the lowest confidently eve. 33.2 Documents with higher confidently lev 5. MANAGING RECORDS KEPT ON THE BASIS OF THIS OOCUMENT, 6 VALIDITY AND DOCUMENT MANAGEMENT. earl Corel ver om te Fagedoe ‘one ele mab wd cet ot av ae Sc wasn ECAR Le{organization nae confident level 11. Purpose, scope and users “The purpose ofthis procedure sto ensure contol aver creation, approval, distribution, usage and updates of documents and records (aso called: documented infatmation) used in the information Security Management System (SMS), This procecure is applies to all documents and records related tothe ISMS, regardless of whether the documents and records were rested inside organization name] or whether they are of external origin. This procedure encompasses all documents and records stored in any possibe form ~ paper, audio, vdeo, ete Users of this document ae all employees of [organization name} inside the scope ofthe ISM. 2. Reference documents ‘+ IS0V1EC 27001 standard, clause 75 ‘Information Security Policy ‘+ Policy or handling clasifid information ‘+ [other documents and regulations speeying document control |. Control of internal documents. Internal documants are all dacuments created inside the organization 3.1, Document formatting The document text is written using font Calbrlsize 11, Chapter titles are writen using font size 14 ee ee ee eee -_—— ° ae document name, curtent version and date of document, and number of pages. 3.2, Document approval All documents, regardless of whether they are new documents or new versions of existing — ae - 3.3. Publishing and distributing documents; withdrawal from use 33.4, Documents withthe lowest confidentiality level Fesedre Tor Docent a Rare Conval var esn] Wom ate Fagesoe ‘ozo erly cet ot av ae Scns wasn mENCWAN Le Conant IA8) i Besson ed ‘Connmeted (2747) Ge fue 50.705 eStore bereierertecrernnettl ‘Commented (27ASH nce te econ eve, === ‘Comnetea [27A9) Hae, yu tra te ‘came opened ugeat tna nie ocuner ‘augonet sum oroar"heergeeacument prado Send andra fn etn{organization name confident level Incase of documents to which acess fs allowed forall employees within [SMS scope, [ob tite] must —_——--— - -—_——-— such originals must be marked as"Obsolete” using a marker pen, 3.3.2. Documents wit higher confidentiality level Documents which have ahigher confidentiality level, bsspeeiiel athe Paley for Ranling classified — ee ee ee we + eee -—_——- document 19 all persons onthe astbution ist. - ——-= —— -— -- = conly by persons spect on the document distribution st Document updates “The person listed as document owner has the responsiblity for updating the deeument. Updates are ‘option is unavailable or ifthe changes are too numerous, then the Track changes option isnot used. 35. Records control Each internal document in the ISMS must define how records resulting from the use of such 2 ecocds fs such that permission for access must be obtained from a diferent person, this must be stated in the concecned internal document inthe chapter describing records control Tee Ta DRE wa ETE CORTT ver eT ToT Faget oe ‘exons ale maybe wie AaV569 eS Ls Wass ECEWAN Pee Commented [AIS oe elon eS ‘fesmnenet iy ens cones onneted (27K14] er retest to nlomwon eae Commented [RIT]. Sure mares we pate eure haere ment wicetee ‘Commented (TRIB Ten warn e | pooper gna{organization nae confident evel) Documents of external origin a — the person te whom the document has been forwarded, The person who receives mail and courier parcels must forward them to [ob tite}, who must make a — + ‘whom the decument should be forwarded. 5. Managing records kept on the basis of this document Conta for record protection time Records are stored for® period of 3 years Incoming mall register (electronic form = Exes! spreadsheet) Titranet folder name] [jb tite acting Only [ob tite] has the asonner ofthe right to make entries Incoming mail__intoand changes tothe reghster] Incoming mal register (Only ob tite] can grant other employees acess tothe Incoming mall register. 6. Validity and document management This document i valida of [tel The oumer ofthis documents obit] who must check anf necessary, update the document st lesstbnce ayese When evaluating the effectiveness and adequacy ofthis document the allowing criteria need tobe considered: lobia {fest and lastname} earl Corel ver om te Pages ‘ozo erly cet ot av ae Scns wasn mENCWAN Le ‘Commented [A7A2O} sso omer varie ‘Commented (27821 sess baton ease ‘Commented (27R23Y asa he enon ars ‘Commented [27A24) Fone ater bs ecato ranch uch omen fpontanssr{organization nae confident level _ aor Cool vara om te Fageboe ‘exons ate maybe wc AaV569 Ee Sts Ls Anse MECN Pee sooner