Search

ISO 27001 Implementation Guidance: Using Objectives

While it seems obvious to state that your Information Security Management System (ISMS) should be in a good state before any certification visit, this desire for 'perfection' can be a major cause of unnecessary delay. While it's true that auditors don't like to see too much 'work in progress', there is a mechanism within the standard that allows you to formally capture those unfinished controls within a formal programme. Formalising work-in-progress using Information Securi