Expert Advice Community

Home / ISO 27001 & 22301 / Responsibility of the CEO for management review minutes

Guest

Responsibility of the CEO for management review minutes

ISO 27001 & 22301
  Quote
Guest
Guest user Created:   Nov 09, 2018 Last commented:   Nov 09, 2018

Responsibility of the CEO for management review minutes

ISO 27001 & 22301
The ISMS Policy talks in section 4.4 Responsibilities (mark 3) about the responsibilities of the ceo (the ceo must have the ISMS reviewed at least once a year and has to create a protocol). Is the protocol the document for the management review?
0 0

Assign topic to the user

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.
Expert
Dejan Kosutic Nov 09, 2018

Answer:

Section 4.4 of the Information Security Policy speaks about the responsibility of the CEO (or other member of the top management) to prepare minutes of the management review meeting.

You can find the template of Management review minutes in the folder 11 of your ISO 27001 Toolkit; by the way, these minutes are a mandatory document.

Quote
0 0

Comment as guest or Sign in

HTML tags are not allowed

Nov 09, 2018

Nov 09, 2018

Suggested Topics
Borivoj Tydlitat Created:   May 06, 2025 ISO 27001 & 22301
Replies: 0
0 0

Reviewing incidents in Conformio Management Review
mark950 Created:   Jan 18, 2024 ISO 27001 & 22301
Replies: 1
0 0

Automated Firewall Review
Guest user Created:   Oct 12, 2023 ISO 27001 & 22301
Replies: 1
0 0

Clarification Regarding Control Review Frequency in Policy Documents