When I joined my company I was told I would be in charge of their ISO 27001, which is a framework of policies and procedures that includes all legal, physical and technical controls involved in an organisation's information risk management processes.
That is quite a mouthful, but very important to get right, especially in the eyes of our customers who trust us with their data.
Okay I thought, I can do this, until I saw what it entailed - roughly 73 Microsoft Word documents of varying file sizes and page lengths, stored on a server somewhere. Each document was written for a corporate sized company, so would need to be amended specifically for our smaller company. Looking beyond the documents I saw a lot of problems especially around version control, document ownership, multiple people editing documents, the sharing nightmare that is email and file attachments, backups and auditing, not to mention how I could standardise fonts, headings, tables, paragraphs etc. Also some ISO pages were not for everyone, as some documents were for Management eyes only.
Confluence solved almost every single problem I predicted and I'll show you how I created the best automated report summary for both Management and myself as Information Security Manager.
First let me run through some of the benefits of using Confluence for this project:
Setting up the ISO pages:
Over a couple of months I imported all the ISO Word documents into Confluence and went about standardising the pages so that they looked and felt the same. I envisaged I would be creating further pages, so created two ISO templates, one for Management related ISO pages and one for everyone else.
On the Management summary report landing page I created a 'New ISO for management' button off the back of the ISO Management template. Below the button I wanted the report to show who had worked on the various ISO pages, when the work had taken place, what comments had been left and if any target dates or actions that needed to be followed up.
The problem I encountered with the Management summary report:
Here is the solution in two parts.
Do let me know if you have any questions or comments, I would be happy to help out if you have something similar to tackle.
Hi Atlassian Community, My name is Avni Barman, and I am a Product Manager on the Confluence Cloud team. Based on feedback from you, we are giving admins more power to create templates that a...
Connect with like-minded Atlassian users at free events near you!Find an event
Connect with like-minded Atlassian users at free events near you!
Unfortunately there are no Community Events near you at the moment.Host an event
You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events