Nine Steps to Success: An ISO27001:2013 implementation overview by Alan Calder

CHAPTER 8: MEASURE, MONITOR AND REVIEW

A useful ISMS is one that helps an organisation achieve its information security objectives – those objectives should be linked to its business, regulatory and contractual objectives and should be delegated to appropriate levels within the organisation.

ISO 27001 requires the organisation “to continually improve the suitability, adequacy and effectiveness of the ISMS”. The corrective action requirements of the Standard are met by an effective ISMS audit plan, competent review of non-conformities (part of the responsibility of the information security manager), the incident response procedures and the related documentation.

The combination of effective monitoring, measuring, and corrective action processes ...
