Continuous improvement and documentation

Critical
High
Normal
Low

The organization shall continuously strive to improve the performance of the information security management system. Ways to improve are being actively sought - not just through audits or clear non-conformities.

Task owner is responsible for documenting the improvements made to the management system and dividing them into tasks to be performed, monitoring task execution and assessing the reached effects.

Connected other frameworks and requirements:
PR.IP-7: Protection processes
NIST CSF
10.1: Continuous improvement
ISO 27001
No items found.