PDCA definition

A PDCA is a method used in business for the control and continuous improvement of processes and products, so the things you need to do is to define the improvement you want to implement and how you can measure if it was achieved. E.g.: improve information security, by implementing an ISO 27001 compliant ISMS, or bring information risks to acceptable levels, by implementing a Risk Treatment Plan.

The definition of time for each activity needs to consider the available resources and the competence of the personnel involved.

For staring a project, the first activity you need to consider is getting top management buy-in.

These articles will provide you a further explanation about ISO 27001 projects:

• ISO 27001 implementation checklist https://advisera.com/27001academy/knowledgebase/iso-27001-implementation-checklist/
• 4 crucial techniques for convincing your top management about ISO 27001 implementation https://advisera.com/27001academy/blog/2016/09/12/4-crucial-techniques-for-convincing-your-top-management-about-iso27001-implementation/
• Has the PDCA Cycle been removed from the new ISO standards? https://advisera.com/27001academy/blog/2014/04/13/has-the-pdca-cycle-been-removed-from-the-new-iso-standards/

These materials will also help you regarding ISO 27001 projects:

• Book Secure & Simple: A Small-Business Guide to Implementing ISO 27001 On Your Own https://advisera.com/books/secure-and-simple-a-small-business-guide-to-implementing-iso-27001-on-your-own/
• ISO 27001 Foundations Course https://advisera.com/training/iso-27001-foundations-course/