ISO27001, Clause 7.5.3 requires that there is control of documented information.
The documented information of external origin, determined by you to be necessary for the planning and operation of your information security management system, needs to be identified as appropriate, and controlled.
The key word here is 'controlled', and our Documented Management procedure explains how this is achieved. Follow the guidance in the document and ensure it meets with what actually happens in your business.
About our procedures
This procedure is written with the end-user in mind. It needs to represent 'truth' and what actually happens in your organisation.
Remember to always keep the audience in mind; Who will read these documents? They are a little more detailed than policies, as they can include steps that must be followed to achieve the desired outcome.
Document Management
Hey, we're not going to go all 'legal' on you here... that's not our style. But this is our Intellectual Property, and we'd prefer it if you didn't go sharing this with other people who haven't spent the money and bought a copy.
Of course, we can't really stop you... But are you that kind of person? We don't think you are. So if you want to tell people about your new found super power of ISO27001-Awesomeness, great... just don't give it away for free!