7 hours 52 minutes
Lesson 5.4 Communication requirements of a nice mess
In this video, we will cover considerations for your communication process.
What the communication requirements are
examples of content to be communicated
and what the requirements were documented. Information on
communication is specific to Clause 7.4 in the standard
communication with regards to your Isom s serves to keep your interested parties identified all the way back and close for
up to date about important aspect of the ice mess,
whether it is theater achievement of milestones or requiring some kind of input
support from the interested parties.
Keep in mind that we identified both internal as well as external interested parties, and your communication strategy will need to cater to both.
The standard requires a few determinations to be made with regards to communication.
These are what types of information needs to be communicated.
What is the frequency of communication
specifically per type off information to be communicated?
Who are the personal involved in communicating
Who is the target audience
for the communication, both internal and external?
One of the triggers for the communication activities or the frequencies for specified communication activities
on what communication medium will be used.
Will communication be sent by email in person speeches,
Updates on the Internet. Whatever the case is,
we'll cover documented information of this clause a bit later. However, all important decisions and plans pertaining to communication should be documented.
For example, when you are being audited
in order to may have an expectation that you communicate at a minimum on a monthly basis.
To contest this,
you would need to have the appropriate approved document stating your frequency of communication is quarterly. For reasons X y Z.
This is a simple example, but the principles stay the same.
There are several elements within the communication off a nice mess that need to be determined on, of course documented. But we'll cover that in a bit.
These are the key items to focus on ensuring the decision has been made and that the relevant parties are made aware of,
for example, external facing communications, such as in the event of a data breach. You would only one certain appropriately trained and experienced personal to handle that type of communication
that would generally be a public relations expert of some sort that is responsible for managing communications to the media clients and general public
triggers and frequency
for certain events, such as passing a certification ordered.
Having a data breach or changing elements in the ISM is thes. Would service triggers for key communication?
Ideally, you would want to outline is many of these trigger events as possible
and specify the personal responsible for communication efforts in each of God.
You want your content to be appropriate and relevant for the topic.
Having pre approved and pre formulated content is a good idea
as this can speed communication up,
such as a SET report that gets updated with new figures on a quarterly basis.
It is also important to identify your target audience for each type of communication that you will be sending out
who will receive communication internally and excellently and for what.
Having a list of approved recipients, especially for external communications, is a good plan.
You also want to decide on an appropriate communication medium.
This can be in person communication, email, communication,
website updates, videos, telephone calls, Whatever the case is
for each type of communication medium, have a preferred
I mean sorry for each type of communication type. Have a preferred communication medium.
The method and process.
Is there a documented process to follow,
the initiator, the approve er, the sender or the speaker confirmation that a message has been sent and correctly received and understood
what you communicate and who this is communicated. Teoh is rather important.
In addition to this understanding, what you need to communicate within your ice mess and who the audience for each type of communication will be is important.
Examples of communication content can include information pertaining to risk assessments, risk management and risk treatment activities,
information security objectives and the ongoing monitoring off the achievement of these
roles, responsibilities and the authority within the ice miss context
as well as any changes to the ice mess.
Generally, having something documented just makes life easier.
You can share the document with the people that need to be involved in the process,
and they have a constant reference point.
You can monitor and ensure the process is staying true to what was initially decided and agreed upon.
One can implement matrix and monitors.
Of course, it makes life a whole lot easier. Come all the time when you have something documented
telling in order to you do something and communicate to stakeholders often doesn't suffice.
The communicate education you have sent is easy.
That serves as a component off documented information
the auditor can see that you have communicated.
It is a good idea to have all your processes documented from an order point of view as well.
If you have not meant the frequency off communication, you have to find
you'll have a non conformity.
If you have and the frequency is reasonable, it's quite difficult for in order to to tell you it's not sufficient, as this is your documented process approved by management,
all I can do is recommend changing of frequency
because of whatever reasons the order to may have.
Everything that we have discussed so far in the previous slides would be documented to some extent.
So if that is all documented in some other
that works for your organization and is of course approved for your ice, um, s implementation need another relevant stakeholder holders,
then you should be good to go.
In this lesson, we covered what the considerations for your communication process and activity should be.
We touched on a couple of examples of communication media that can be used
we covered the standard
and it's requirements regarding communication processes to cover.
We looked at examples of ice mess content that should be communicated,
and we also covered what is required as documented information for the communication process,
which can also serve as evidence during your certification orders.