I noticed in the My Work: Tasks Assigned to Me section, some of the tasks are listed as "Continuous Responsibilities". Such as: Coordinate the ISO 27001 implementation project and Report project status to the project sponsor.
My teammates have other tasks that are listed. At what point should we mark them as "Done"? Is it when we acknowledge that we have these ongoing responsibilities, or do we wait until the end of the project to mark them as done?
Please note that “continuous responsibilities” refers to tasks without a specific deadline (i.e., they must be performed while the ISMS is being used) that must be performed on demand.
Considering that, you should consider such tasks as done for a specific demand when you generate the related evidence that it was performed.
For example, the task “Identify all legal, regulatory, contractual, and other requirements related to interested parties that can affect or be affected by information security management.”, is considered “done” when you update the Register of Requirements module.