Operational planning & control for ISO 27001 Requirement 8.1

ISO 27001 Section 8.1 – Operational planning and control

To meet the requirements for 8.1 around operational planning and control, it is necessary to plan how the ISMS will operate and how it will be controlled through the process lifecycle.   

The evidence retained should demonstrate that the processes described have been implemented and are being controlled in order to meet the information security objectives as planned.

In order to meet the information security objectives noted in Sect 6.2. of the standard, actions should be implemented as determined by the documented information security risk assessment process, and the treatment thereafter in accordance with that process (section 6.1).

Discover how you can save time & reduce management resource using ISMS.online to achieve & maintain your ISO 27001 ISMS

The ISO 27001 Annex A Controls are listed below:

Need a set of ISO 27001 policies for your ISMS?

ISMS.online includes practical policies and controls for your organisation to easily adopt, adapt and add to, giving you a
77% head start with ISO 27001

 

Discover how you can save time & reduce management resource using ISMS.online to achieve & maintain your ISO 27001 ISMS

ISMS Online Rating: 5 out of 5
Share This