ISMS Objectives

Why?

High Level ISMS requirements

On C-Level you will need to define your ISMS Objectives, implement and review at least on yearly base.

How?

Compleye Tips

In the [Template ISO27001 Mandatory topics Documentation – Chapter 6.2] we have defined how to address this topic.

We always advise for the first year the objective is ’to establish an ISMS that can meet ISO27001 standards (and get you certified).
Some auditors are not happy with that – so add at least one other: e.g. 0 data breaches.

Describe high level:

what need to be done to achieve (high level)
resources needed
assign an owner

What?

Explanation & Examples

Field	Value / Description	Example
Objective	free text field	To achieve ISO27001 Certification within the next year
Status	select active/not active – currently applicable objective or outdated and therefore not active	Active
Starting date	select the date when objective was formulated	23 Sept, 2021
Owner	select the owner from the dropdown menu with all of the team members	Jonathan Tachi
Key results	free text	ISO27001 certificate
Standard ISMS objective control	free text	yearly review of the objectives and strategy
Evidence		Certificate

Was this article helpful?

0 out of 5 stars

5 Stars		0%
4 Stars		0%
3 Stars		0%
2 Stars		0%
1 Stars		0%

Strategy & Ambition

Legal & Compliance

IT Infrastructure X-Ray

Risk & Opportunities

Improvements

Security Policies & Procedures

Measures & Controls

Operations

Leadership & Management

ISO Certification

Progress Overview

Real Time Audit

ISMS Objectives

0 out of 5 stars

How can we improve this article?

Please submit the reason for your vote so that we can improve the article.