[Diagram: Monitor, Measure, Analyse, Evaluate/Audit/Review]
Actions involved:
o Decide what needs to be monitored and measured
o Monitor customer’s satisfaction
o Analyse and evaluate data and information
https://issuu.com/public-it/docs/isms09005_process_for_monitoring__m?e=7139440/30590160
[Diagram: Evaluate, Escalate to top management]
9.1 Monitoring, measurement, analysis and evaluation (Contd)
Documentation Requirements
o Documents, logs, periodic reports on IS risks, incidents and changes
Implementation Requirements
o Identifying various IS Metrics to be monitored and measured
o Assigning monitoring responsibilities to the competent staff
Audit Requirements
o Review reports on various ISMS metrics, and measurements
Implementation Requirements
o Ensuring Management reviews ISMS performance periodically
o Management conducting periodic reviews on ISMS performance, status of previous issues, risk assessments reports, Audits, NCs, Corrective actions, and feedback
Audit Requirements
o Review ISMS performance reviews
o Review results of MRs (Corrective actions)
http://www.iso27001security.com/html/27001.html
https://en.wikipedia.org/wiki/ISO/IEC_27001:2013
http://www.imsm.com/gb/iso-9001-revision/iso-90012015-clause-9/
https://issuu.com/public-it/docs/isms09005_process_for_monitoring__m?e=7139440/30590160
Visit http://www.ifour-consultancy.com or http://www.ifourtechnolab.com