Update 24th July 2023

Section : ISO 27001 Roadmap – Step 1

We see that we are receiving more and more users are interested adding their data to the 4 sections on Step 1. Therefore we updated the Step 1 section on wiki and published a separate page to explain how to use this section the most efficient way.

Read more about how to setup your first step to ISO 27001 here .

Section : IT Infrastructure / X-ray

How to make well-informed decisions when making changes in your IT Infrastructure?

We have increased the functionality of the X-ray components by adding a new tab Interactions .

You can now connect OPC’s, Improvements, Policies & Procedures and Suppliers to specific X-ray component, so when making changes and deciding what the impact might be on your ISMS – you have relevant information at hand.

Purpose: By connecting compliance Documentation and Activities to specific X-ray Component, you will be better informed about the impact of changes – due to risks and opportunity assessments.

On a yearly basis you will perform an ISRA https://compleye.wiki/compleyeonline/isra/ – however on a more regular basis (think of security meeting topics – https://compleye.wiki/compleyeonline/security-meetings/ ) You will make changes and before you can make a decision, you will need to have all relevant information available to make proper Impact analyses.

That is why you can connect the following compliance activities and documentation to a component:

OPCs – Recurring compliance activities

Improvements – One-time activities to mature your compliance framework

Policies & Procedures – Documentation that needs to be reviewed on a yearly base

Suppliers – Organisations that deliver products or services