iFour Consultancy ISO 27001 - Management Clause 9


ISO for Software application development India - http://www.ifour-consultancy.com/


Performance evaluation

In order to make systematic improvements in information security controls, processes and the management system: Monitor, Measure, Analyse, Evaluate/Audit/Review


Performance evaluation

9.1 Monitoring, measurement, analysis and evaluation
9.2 Internal audit
9.3 Management review


9.1 Monitoring, measurement, analysis and evaluation

Actions involved:
- Decide what needs to be monitored and measured
- Monitor customer satisfaction
- Analyse and evaluate data and information


9.1 Monitoring, measurement, analysis and evaluation (Contd)

[Flowchart: process for monitoring and measurement. Elements: Determine most appropriate measurement(s); Performance Requirement; Determine what can be measured; Create measuring procedure; Measure; Raise improvement; Escalate to top management; Report measurements; Analyse figures; Evaluate. Decision points (Y/N): Action Required; Escalation Required.]

Source: https://issuu.com/public-it/docs/isms09005_process_for_monitoring__m?e=7139440/30590160


9.1 Monitoring, measurement, analysis and evaluation (Contd)

Documentation Requirements
- Documents, logs, periodic reports on IS risks, incidents and changes

Implementation Requirements
- Identifying various IS metrics to be monitored and measured
- Assigning monitoring responsibilities to the competent staff

Audit Requirements
- Review reports on various ISMS metrics and measurements


9.3 Management review

Top management reviews the organisation's management system at regular intervals.

Documentation Requirements
- MR meeting minutes / decisions related to ISMS

Implementation Requirements
- Ensuring management reviews ISMS performance periodically
- Management conducting periodic reviews on ISMS performance, status of previous issues, risk assessment reports, audits, NCs, corrective actions, and feedback

Audit Requirements
- Review ISMS performance reviews
- Review results of MRs (corrective actions)


Requirements for documented information

- Evidence of the monitoring and measurement results (9.1)
- Evidence of the audit programme(s) and the audit results (9.2)
- Evidence of the results of management reviews of the ISMS (9.3)


References

- http://www.iso27001security.com/html/27001.html
- https://en.wikipedia.org/wiki/ISO/IEC_27001:2013
- http://www.imsm.com/gb/iso-9001-revision/iso-90012015-clause-9/
- https://issuu.com/public-it/docs/isms09005_process_for_monitoring__m?e=7139440/30590160
