top of page

ISO27001:2022 new clause, 6.3 states that “When the organization determines the need for changes to the information security management system, the changes shall be carried out in a planned manner."

 

Keep in mind that this is NOT change management, but rather it is a specific requirement for you to describe and control changes to your information security management system.

 

You might control these changes through the Management Review process, but you should describe how changes will be managed, and that's what this process document gives you.

 

About our procedures

Our procedures are written with the end-user in mind. They need to represent 'truth' and what actually happens in your organisation.  

 

Remember to always keep the audience in mind; Who will read these documents?  They are a little more detailed than policies, as they can include steps that must be followed to achieve the desired outcome.

Planning for Changes to the ISMS

£12.99Price
  • Hey, we're not going to go all 'legal' on you here... that's not our style. But this is our Intellectual Property, and we'd prefer it if you didn't go sharing this with other people who haven't spent the money and bought a copy.

    Of course, we can't really stop you... But are you that kind of person? We don't think you are. So if you want to tell people about your new found super power of ISO27001-Awesomeness, great... just don't give it away for free!

bottom of page