What indicates a successful implementation of the ISO 27001 framework - when all the documentation is completed? When some gaps identified in the self-assessment have been closed?
Answer:
From my point of view, there are many activities that must be performed (it is not only necessary to develop documents, you need to implement them). The implementation of ISO 27001 is like another project, so you need a project plan, and you need to perform all phases identified in it. After the implementation, there are some mandatory steps: internal audit, management review and corrective actions. So, if you have performed your project plan, and you have also performed the mandatory steps, you have implemented ISO 27001 successfully in your organization, and you are ready for the certification process. It is also important to keep in mind that the implementation of ISO 27001 will be successful if you have managed to decrease the number of security incidents.
Here you can see a checklist for the ISO 27001 implementation: ISO 27001 implementation checklist: https://advisera.com/27001academy/knowledgebase/iso-27001-implementation-checklist/
And this article can also be interesting for you: Becoming ISO 27001 certified - How to prepare for certification audit: https://advisera.com/27001academy/iso-27001-certification/
Jan 12, 2016