For this Toolkit Insider Series, we will show you why an Information Security Management System (ISMS) Plan can provide a starting point for your ISMS project.
Implementing an ISMS can be hard work. Depending on the size of your organisation, an ISMS project can take months or a year of full-time work to complete.
However, once the project has been implemented, your organisation will be able to defend itself from technology-based risks and be resilient in the face of future cyber attacks.
So, how do you start your ISMS project? A sensible place to start is to create a detailed strategy of how your ISMS project will run, and this is where an ISMS Plan template can save you critical time you might otherwise spend creating your own.
The ISMS Plan template
This template, found in our ISO27001 2013 ISMS Standalone Documentation Toolkit, will give you a starting point for your project and will guide you through the steps of implementing an ISMS.
The ISMS Plan template includes steps such as the following:
• Identify business interfaces
• Identify key processes
• Define and apply a risk assessment process
• Create a risk treatment plan
The ISMS Plan also assigns responsibilities for each step of your plan. For example, the template makes the information security manager responsible for ensuring that all information security issues have been included and appropriately treated.
Inside our ISMS Plan
Here’s a sample from our ISMS Plan template:
ISO27001 2013 ISMS Standalone Documentation Toolkit
Created by expert practitioners, the ISO27001 2013 ISMS Standalone Documentation Toolkit provides you with a comprehensive set of ISMS templates, saving your organisation time, effort and money. Take your free trial here.
For the final instalment, we will be looking at the Risk Assessment Procedure.