Evaluating the effectiveness of the procedure
Hello!. We recently purchased the ISO 27001 toolkit and I was wondering why the procedures state what to check when evaluating the effectiveness of the procedure? Where is that requirement from?
Assign topic to the user
The requirements for the evaluation of the ISMS performance are stated in section 9 of the ISO 27001. It is true that the standard does not prescribe what to check, but the items included in the procedures are the most commonly used in ISO 27001 related documents, and of course, since the templates are fully editable, you can define other items for checking the effectiveness of the procedure.
This article will provide you a further explanation about performance measurement:
- How to perform monitoring and measurement in ISO 27001 https://advisera.com/27001academy/blog/2015/06/08/how-to-perform-monitoring-and-measurement-in-iso-27001/
Comment as guest or Sign in
Jun 09, 2020