In this episode of the Secure and Simple Podcast, host Dejan Kosutic interviews Carlos Cruz, founder of Metanoia Consulting in Portugal. They discuss essential best practices for creating and managing policies, procedures, plans, and other documents for compliance with ISO standards and cybersecurity regulations. Carlos shares insights on the distinction between procedures and work instructions, the importance of writing clear and concise documents, and the challenges of getting employees to adopt new procedures. They also cover the importance of templates, techniques for ensuring documents reflect current practices, and strategies for addressing resistance to new documents. This episode is a must-watch for consultants, CISOs, and other cybersecurity professionals looking to streamline their documentation process.

Links from the episode:
- Conformio software to streamline and scale ISO 27001 implementation and maintenance for your clients: https://advisera.co/Conformio-software
- White label documentation toolkits for NIS2, DORA, ISO 27001, and other ISO standards to create all the required documents for your clients: https://advisera.co/page-all-toolkits
- Accredited Lead Auditor and Lead Implementer courses for various standards and frameworks to show your expertise to potential clients: https://advisera.co/Consultant-Courses
- Company Training Academy with numerous videos for NIS2, DORA, ISO 27001, and other frameworks to organize training and awareness programs for your client’s workforce: https://advisera.co/page-Company-Training-Account
- Beginner's Course for ISO, Cybersecurity, and AI Consultants: https://www.youtube.com/playlist?list=PLHwD3nQun7caKFq80LxNNYKIabATlyA7t
- How to Grow Your Cybersecurity, ISO, or AI Consultancy: Advanced Course: https://advisera.co/GrowYourConsultancyTraining

• (00:00) - Interview with Carlos Cruz
• (01:55) - Types of Documents: Policies, Procedures, and Work Instructions
• (11:51) - The Importance of Short and Focused Documents
• (21:46) - Structuring Documents for Clarity and Compliance
• (33:34) - Adapting Documents to Client Needs
• (39:31) - The Importance of Templates for Writing Documents
• (43:58) - Deciding What to Document
• (45:50) - The Roles in Document Creation
• (01:15:04) - Common Mistakes in Document Writing
• (01:21:39) - Resources for Consultants