The organisation's approach to managing information security and its implementation including people, processes and technologies should be reviewed independently at planned intervals, or when significant changes occur.
An information security management system is effective if it is regularly reviewed, updated, and communicated.
It is beneficial for an organisation to establish a procedure to review any amendments occurring within the organisation to reflect the ISMS. The organisation should carry out this on regular bases. Reviews are generally commenced on annual bases. Points to review include, but are not limited to:
AvISO will be updating and reviewing all the information regularly, so keep us bookmarked and keep checking!
Got a question or need help? Don't hesitate to reach out to our team.