Question: using mobious using Plan Do check Act model
Plan
Review & Update information security strategy & Policies
Review and update ISMS scope
Review & update stakeholder mapping
Review & Update information security RASCI
Review & Update information security risk management approach
Maintain Inventory of Assets
Do
Analyse and evaluate information security Risk
Determine inherent risk rating per information assets
Update statement of applicability on risks
Evaluate controls
Residual risk rating
Risk treatment plan & implementation
Review & Update information security
Operational security controls
ISO controls
Others as required
Check
Monitor risk treatment progress
Information security metrics & measurement
Management review IT steering committee, IT Risk committee, Monthly ISMS SteerCO, Quarterly Board reporting and annual gap assessments
Internal Audit
Review & maintain Corrective Action Log
Act
Ensure corrective Action & Ensure continual improvement
