Listen 8.3. Continual improvement
in this lesson will go over the requirements of Clause 10.2, which pertains to continual improvement
when you look at the ISO 27,001 Standard
It's simple, so simple. It's just one sentence.
The sentence, as per the standard, is
the organization shall continually improve the suitability,
and effectiveness of the information security management system.
There are two main in principle continual improvement
and these are the outputs from your management review meetings
and your nonconformity or corrective action process.
From your management review process,
you would consider changes in internal and external issues which could affect the ice a mess.
It would also look at changes to the organization which could affect the ice amiss.
You would consider the adequacy off the ice miss
in achieving its objectives,
whether or not the risks are being appropriately managed.
And if there is an opportunity for improvement with regards to cost effectiveness
for the non conformity ease and corrective actions,
corrective actions inherently addressed something that has not worked as intended.
So by its nature, this helps to improve the ice mess
corrective actions could also lead to discovering future opportunities for improvement.
He should be noted and planned were appropriate
evidence to show continual improvement can include
all of these are one of more of these example items,
reports of your reviews, orders, incidents and corrective actions,
budgets and plans specific for corrective actions.
Ice amiss strategies and plans,
specifically ones that have come from any organizational changes.
Specifically the evidence specifying improvement actions.
A swell as various metrics from close nine,
especially ones that demonstrate positive movement or targets being achieved.
In this lesson, we covered what it's meant
bye and required for clause 10.2 continual improvement.
We also discussed a variety of elements
that support continued improvement
and that continual improvement is the culture of your Christmas as a whole.
We briefly covered some documentation that can support this clause and that can also be used as ordered evidence