Security Policy: Difference between revisions
Jump to navigation
Jump to search
| Line 294: | Line 294: | ||
:1. the status of actions from previous management reviews; | :1. the status of actions from previous management reviews; | ||
:2. changes in external and internal issues that are relevant to the information security management system; | :2. changes in external and internal issues that are relevant to the information security management system; | ||
:3. feedback on the information security performance, including trends in: | :3. feedback on the information security performance, including trends in: | ||
::(a) nonconformities and corrective actions; | ::(a) nonconformities and corrective actions; | ||
::(b) monitoring and measurement results; | ::(b) monitoring and measurement results; | ||
::(c) audit results; and | ::(c) audit results; and | ||
::(d) fulfilment of information security objectives; | ::(d) fulfilment of information security objectives; | ||
:4. feedback from interested parties; | :4. feedback from interested parties; | ||
:5. results of risk assessment and status of risk treatment plan; and | :5. results of risk assessment and status of risk treatment plan; and | ||
:6. opportunities for continual improvement. | :6. opportunities for continual improvement. | ||