Chapter 2. The ISO27001 Implementation Project
Designing, developing and implementing an ISMS that is in line with the requirements of ISO27001 is a significant project. There are a number of important aspects to such a project, all of which are developed in detail in International IT Governance: an Executive Guide to ISO27001/ISO17799. A project team will need to be set up, and it will need the full support of management.
ISO27001 adopts the Plan-Do-Check-Act (PDCA) model that anyone familiar with other management system standards, such as ISO9001, will recognise. To implement an ISO27001-compliant ISMS, an organisation needs to ‘Plan’ what it is going to do, carry out those plans, i.e. ‘Do’ it, ‘Check’ that what ...