Assign topic to the user
First, it is important to note that a SWOT analysis is not mandatory for ISO 27001, but it can help the identification of organizational context (internal and external issues that can impact information security) and requirements of interested parties.
Considering that, without knowing specifics of the organization, regarding internal and external issues that can impact information security related to the voting system, it is unfeasible to provide a SWOT example.
In a general way you can consider that:
- Your Strengths and Weaknesses are internal issues with positive and negative connotations.
- Your Opportunities and Threats are external issues with positive and negative connotations.
Not all those issues have the same weight or the same impact on your organization. Use the needs and expectations of interested parties to evaluate which issues are more relevant.
Then, pick those relevant positive issues (internal or external) and see if you can find relevant opportunities and benefits to evaluate and act upon.
Then, pick those relevant negative issues (internal or external) and see if you can find relevant risks to evaluate and act upon.
These articles will provide you a further explanation about organizational context and requirements of interested parties:
- How to define context of the organization according to ISO 27001 https://advisera.com/27001academy/knowledgebase/how-to-define-context-of-the-organization-according-to-iso-27001/
- How to identify ISMS requirements of interested parties in ISO 2 7001 https://advisera.com/27001academy/blog/2017/02/06/how-to-identify-isms-requirements-of-interested-parties-in-iso-27001/
- Four key benefits of ISO 27001 implementation https://advisera.com/27001academy/knowledgebase/four-key-benefits-of-iso-27001-implementation/
Comment as guest or Sign in
Oct 10, 2020