Security Policy: Difference between revisions
Jump to navigation
Jump to search
m →General |
|||
| Line 76: | Line 76: | ||
=== Actions to address risks and opportunities=== | === Actions to address risks and opportunities=== | ||
==== General==== | ==== General==== | ||
When planning for the information security management system, the organization shall consider the issues referred to | When planning for the information security management system, the organization shall consider the issues referred to [[https://wiki.officience.com/Security_Policy#Understanding_the_organization_and_its_context|]] and the requirements referred to in [[https://wiki.officience.com/Security_Policy#Understanding_the_needs_and_expectations_of_interested_parties]] and determine the risks and opportunities that need to be addressed to: | ||
# ensure the information security management system can achieve its intended outcome(s); | # ensure the information security management system can achieve its intended outcome(s); | ||