The PDCA Cycle ISO/IEC 27001:2005
The 2002 version of BS 7799-2 introduced the Plan-Do-Check-Act (PDCA) cycle (Deming cycle), aligning it with quality standards such as ISO 9000. ISO/IEC 27001:2005 applies this to the processes in the ISMS.
Plan (establishing the ISMS)
Establish the policy, the ISMS objectives, and the processes and procedures related to risk management and the improvement of information security, to provide results in line with the global policies and objectives of the organization.
Do (implementing and workings of the ISMS)
Implement and exploit the ISMS policy, controls, processes and procedures.
Check (monitoring and review of the ISMS)
Assess and, if applicable, measure the performances of the processes against the policy, objectives and practical experience, and report results to management for review.
Act (update and improvement of the ISMS)
Undertake corrective and preventive actions, on the basis of the results of the ISMS internal audit and management review, or other relevant information, to continually improve the said system.
ISO 27001:2013 does not put emphasis on this cycle.