I'm looking for questions to prepare a survey to interested parties to provide feedback on the ISMS. To get feedback from interested parties (9.3 ISMS Management Review) we are planning to create a survey. Do you have a template or suggestions on a good set of questions?
Answer:
No I am sorry, we do not have this template. Anyway, you can perform questions related to your ISMS and each interested party: Have you identified and established requirements for the ISMS? Have you identified any weakness in our ISMS? Any improvement? Any threat/vulnerability that we do not have identified in our risk management yet? Have you identified any new asset in your business/area/department that is related to our ISMS? Do you have access to our Information Security Policy? Etc.
This article related to interested parties can be interesting for you How to identify interested parties according to ISO 27001 and ISO 22301 : https://advisera.com/27001academy/knowledgebase/how-to-identify-interested-parties-according-to-iso-27001-and-iso-22301//
Comment as guest or Sign in
Jan 13, 2016