CHAPTER 3: ISMS INITIATION
The first concrete steps in initiating the ISMS are to determine which continual improvement methodology to use and to put a document structure in place.
Continual improvement
ISO 27001 recognises that a ‘process approach’ is the most effective method for managing information security. The Standard is open to the deployment of any continual improvement approach and allows for organisations that already use, for instance, the ITIL® 7 Step Continual Service Improvement approach, the COBIT® Continual Improvement Life Cycle or any other approach that may be appropriate in the organisation’s context, to be certified. One of the most widely known and widely used approaches in the management system world is the ‘Plan-Do-Check-Act’ ...
Get Nine Steps to Success: An ISO27001:2013 implementation overview now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.