Over the past 6 months, I have been reading a number of articles and publications on the ISO27000 subset of guidance documents:
ISO 19011:2011 clearly states 'An organization needing to conduct audits should establish an audit programme that contributes to the determination of the effectiveness of the auditee's management system.'
Protecting an organisation's information is critical in today's world, where data breaches are becoming commonplace.
The main thrust of Clauses 4.1 and 4.2 in a management system is for the organization to take a higher-level overview of the business
New clients have told us, "Management reviews have been a problem area in the past; we have had several non-conformances, but we want to maintain ISO 27001 or ISO 22301 certification. What are the common issues you see?"
Business Continuity (BC), sometimes called business continuance, is defined as the capability of the organization to continue...