DraftIndicative placeholder for the section owner — amend, replace, or confirm as the first definitive version.
Doc owner: TBD
System Security Planning Policy
Placeholder. This page is a stub created to hold the ISO 27001 control set. Content to be drafted by the policy owner.
Purpose
To require that significant Allied systems have a documented security plan capturing scope, controls, and residual risk.
Scope
Applies to systems identified as in-scope for the ISMS.
Roles and responsibilities
| Role | Responsibility |
|---|---|
| TBD (policy owner) | Maintains the security planning standard |
| System owners | Produce and maintain plans for their systems |
Policy statements
TBD — to cover plan content, review cadence, linkage to risk assessment and the Statement of Applicability.
Related
- POL-DIG-001 Information Security Management Plan
- POL-ENT-002 Risk Assessment Policy
- ISO 27001:2022 Clause 6.1.3, Annex A