Академический Документы
Профессиональный Документы
Культура Документы
Organization should determine the internal and external issues pertaining to the
implementation of ISMS.
Internal issues can be described in terms of:
Organizational structure Processes
Policies Internal practices
People (i.e. Resources) Products
Objectives Capabilities
Environmental
The context also refers to Clause 5.3 of ISO 31000:2009 standard for
establishing internal and external context of the organization.
Clause 5.3 of ISO 31000:2009 explains the establishment of your unique risk
management context. The subsections are:
Clause 5.3.1: Establish your risk management parameters.
Clause 5.3.2: Establish your organization's external context.
Clause 5.3.3: Establish your organization’s internal context.
Clause 5.3.4: Establish the context of your risk management process.
Clause 5.3.5: Establish your organization’s risk criteria.
Clients want your company to comply with the security clauses in the contracts your
company signs with them.
Image reference: http://imgforu.com/login/123?q=39
Govt. agencies want your company to comply with Information Security laws and
regulations.
Image reference: http://blog.snobmonkey.com/2015/04/14/why-universities-need-to-get-social/
Plan Do
Act Check
• Continually • Maintain the
Improve the ISMS ISMS i.e. Monitor
and Review ISMS