CHAPTER 2: THE ISO27001 IMPLEMENTATION PROJECT
The successful design, development and implementation of an ISMS in line with the requirements of ISO27001 is a significant project. There are a number of important aspects to such a project, all of which are developed in detail in IT Governance: An International Guide to ISO27001/ISO27002. A project team will need to be set up and it will need the full support of management.
Previously, ISO27001 mandated the use of the Plan-Do-Check-Act (PDCA) model to create a compliant ISMS. The 2013 update, however, allows for the use of either PDCA or comparable continual improvement management methods such as ITIL® or COBIT® 5. Under the PDCA model, an organisation ‘Plans’ what ...