1. Define Information Security Policy
2. Define scope of ISMS
3. pre-audit
4. Perform risk assessment
5. Implement risk management
6. Select/implement controls
7. Prepare statement of applicability
8. Training
9. Internal audit
10. Corrective and preventing actions
11. Management review
12. Certification
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment