Continual Improvement

Time
7 hours 56 minutes
Difficulty
Intermediate
CEU/CPE
8
Video Transcription
00:02
Lesson 8.3: Continual improvement
00:08
In this lesson, we'll go over the requirements of Clause 10.2, which pertains to continual improvement.
00:18
When you look at the ISO 27001 Standard,
00:22
Clause 10.2.
00:25
It's simple, so simple. It's just one sentence.
00:29
The sentence, as per the standard, is
00:33
the organization shall continually improve the suitability,
00:37
adequacy
00:38
and effectiveness of the information security management system.
00:44
There are two main in principle continual improvement
00:47
into the ISMS,
00:49
and these are the outputs from your management review meetings
00:52
and your nonconformity or corrective action process.
00:57
From your management review process,
01:00
you would consider changes in internal and external issues which could affect the ISMS.
01:07
It would also look at changes to the organization which could affect the ISMS.
01:15
You would consider the adequacy of the ISMS
01:18
in achieving its objectives,
01:21
whether or not the risks are being appropriately managed.
01:25
And if there is an opportunity for improvement with regards to cost effectiveness.
01:33
For the nonconformities and corrective actions,
01:37
corrective actions inherently address something that has not worked as intended.
01:42
So by its nature, this helps to improve the ISMS.
01:47
Corrective actions could also lead to discovering future opportunities for improvement.
01:52
These should be noted and planned where appropriate.
02:00
Evidence to show continual improvement can include
02:05
all of these or one or more of these example items:
02:09
reports of your reviews, audits, incidents and corrective actions,
02:15
budgets and plans specific for corrective actions.
02:21
ISMS strategies and plans,
02:23
specifically ones that have come from any organizational changes.
02:30
Management meetings.
02:31
Specifically the evidence specifying improvement actions.
02:37
As well as various metrics from Clause 9,
02:39
especially ones that demonstrate positive movement or targets being achieved.
02:47
In this lesson, we covered what is meant
02:51
by and required for Clause 10.2, continual improvement.
02:57
We also discussed a variety of elements
03:00
that support continued improvement
03:02
and that continual improvement is the culture of your ISMS as a whole.
03:07
We briefly covered some documentation that can support this clause and that can also be used as audit evidence.
ISO 27001:2013 - Information Security Management Systems

The ISO 27001:2013 - Information Security Management Systems course provides students with insights into the detail and practical understandings meant by the various clauses in the ISO 27001 Standard.