web page presents a brief Plain English overview of the
Part 4 Context asks you to
understand your organization and its
This means that you need to understand
your organization's approach
Part 5 Leadership expects
your organization's top
Part 6 Planning asks you to
identify the risks
and opportunities that could
It also asks you to assess your
organizationís information security risks, to select
Finally, it asks you to establish
information security objectives at all relevant
| Part 7 Support expects your
organization to support its ISMS by providing
resources. It asks you to ensure the competence of the people who have an
impact on your organization's security and to ensure that they are aware of their
responsibilities. It then asks you to figure out how extensive and detailed your
organizationís ISMS documents and records need to be. It then asks you to
include all necessary documents and records and to manage and control
their creation and modification.
Part 8 Operation asks you to
establish the processes that your organization
Part 8 also asks you to perform regular
| Part 9 Evaluation asks you to
monitor, measure, analyze, audit, and evaluate
your organization's ISMS and to review its suitability, adequacy, and effectiveness
at planned intervals.
Updated on March 1, 2019. First published on November 12, 2013.
Praxiom Research Group Limited firstname.lastname@example.org 780-461-4514
Legal Restrictions on the Use of this Page
Copyright © 2013 - 2019 by Praxiom Research Group Limited. All Rights Reserved.