Definition of implementation for an ISO 27001 project
Assign topic to the user
Answer: The calculator considers as required time for implementation the performing of at least one cycle of the Information Security Management System, which starts with organization's context understanding (standard's clause 4.1), goes through implementation, operation and control of the system, and finishes with the outputs established in the management review of the system (standard's clause 9.3), covering decisions related to continual improvement opportunities and a ny needs for changes of the information security management system.
Basically, the calculator will tell you the time needed for your company to become ready for the certification.
The 3 months of the system in operation is required by some certification bodies, but not all. Therefore, our calculator did not take this time into account.
Comment as guest or Sign in
Aug 17, 2017