ISMS Objectives

At C-level you will need to define your ISMS objectives, implement them, and review them at least on a yearly basis.

In the [Template ISO27001 Mandatory topics Documentation – Chapter 6.2] we have defined how to address this topic.  

We always advise that the objective for the first year is "to establish an ISMS that can meet ISO27001 standards (and get you certified)".
Some auditors are not happy with that – so add at least one other, e.g. 0 data breaches.

Describe at a high level:

  • what needs to be done to achieve the objective
  • the resources needed
  • the assigned owner

 

| Field | Value / Description | Example |
| --- | --- | --- |
| Objective | free text field | To achieve ISO27001 Certification within the next year |
| Status | select active/not active – currently applicable objective or outdated and therefore not active | Active |
| Starting date | select the date when objective was formulated | 23 Sept, 2021 |
| Owner | select the owner from the dropdown menu with all of the team members | Jonathan Tachi |
| Key results | free text | ISO27001 certificate |
| Standard ISMS objective control | free text | yearly review of the objectives and strategy |
| Evidence | | Certificate |
