We are planning to submit a project to our managers about scanning all our office papers and deal with PDF instead of physical-format documents.
For doing that, we are loooking for some support, if there is any, for claiming that scanning documents is a good practice that is aligned to ISO/IEC-27001 policies.
We know that the main purpose of an ISMS, based on ISO/IEC 27001 requirements, is to reduce the risk of loosing information or inauthorized access to it.
However, do you think that we could align the activity of scanning documents with ISO/IEC 27001 recommendations? We were thinking that getting PDF files reduce the risk of loosing physical-format documents, because file backup procedures are more secure than protecting papers.