The first and foremost task to do after your certification process is to mitigate all non-conformities/non–compliances that were identified during your certification audit. This must be completed before your surveillance audit is due. Auditors will not be happy to see any of their findings to re-appear again in the following audits. If any of your policy or procedure documents require to be updated, ensure that you document these changes (version control within the documnet), get these document reviewed, approved by management and circulated to authoirzed people.
-
You are currently browsing the archives for Saturday, April 21st, 2007
Blogroll
Who's Online
- 0 Members.
- 5 Guests.
Tags
Access Control Admin Access Airport Security Asset Identificaion Asset Inventory asset values BS 25999 Business Continuity C-I-A Certifications CIA CIA Triad Controls Implementation Data Loss Disaster Recovery Elevated Privileged Access Information Security Information Security Management System Information Security Risk Assessment ISMS ISMS Implementation ISO 27001 ISO 27001:2005 ISO 27001:2005 control implementation Local Admin Metal Detectors Metor Metal Detectors network network security breaches Patch Management Penetration Testing Physical Security Risk Risk Assessment Security Security Assessment Security Breach security breaches Standards Systems Security Training VA/PT Vulnerability Assessment Vulnerability Management Vulnerability Scanning