http://itknowledgeexchange.techtarget.com/itanswers/iso-27001-implementation-start-to-finish/ Wed, 22 May 2013 04:23:02 +0000 hourly 1 http://itknowledgeexchange.techtarget.com/itanswers/iso-27001-implementation-start-to-finish/#comment-112182 jinteik Fri, 12 Oct 2012 04:03:38 +0000 http://itknowledgeexchange.techtarget.com/itanswers/iso-27001-implementation-start-to-finsih/#comment-112182 the starting process is always difficult as you need to prepare everything and preparation takes a lot of effort. for iso 27001 there is a lot of Policy and Procedure (PnP) is required. usually there will be the 1st audit to see if you are on track and once they correct you (if there are minor mistakes or ways to improve) then they will come again to audit you again.
maintain it is actually quite easy (for me). Make sure that you are following your processes according to what is written in PnP and making sure that all the information is actually up to date. Reviews should also be done once in a while so that you know your work is up to date and not only be updating everything when the auditor is coming to visit.    

]]>