Expert Advice Community

ISO 27001 implementation requirement

Guest user Created:   Apr 16, 2022 Last commented:   Apr 16, 2022

The instructor has mentioned that "conducting the risk assessment is in plan phase", which is actionable and more to be in the Do phase?
Expert
Rhand Leal Apr 16, 2022

First, it is important to note that ISO 27001 does not specify the PDCA cycle.

Please note that the best practice is to consider risk assessment as part of the Plan phase, since its main objective is to identify and prioritize relevant risks to be treated, so you can plan which controls to implement.

In the Do phase, you implement and operate the controls.

This article will provide you with a further explanation about ISO 27001 and the PDCA cycle:
- Has the PDCA Cycle been removed from the new ISO standards? https://advisera.com/27001academy/blog/2014/04/13/has-the-pdca-cycle-been-removed-from-the-new-iso-standards/
