Beruflich Dokumente
Kultur Dokumente
Internal document
Procedure Ref : PO-DSIXXX
Version : 0.1
Control of Monitoring, Measuring, Analysis and Date : 26/09/2020
Evaluation Page : 2/4
1 Introduction
2 Scope
This procedure sets out VOICECOM’s arrangements for monitoring, measuring, analysing
and evaluating our information security performance in the context of our information
security management system.
3 Revision History
Revision Date Record of Changes Approved By
0.1 09.26.2020 Initial Issue
5 References
Standard Title Description
ISO 27000:2014 Information security management systems Overview and vocabulary
ISO 27001:2013 Information security management systems Requirements
ISO 27002:2013 Information technology - security Code of practice for information security
techniques controls
7 Responsibilities
The <ISMS Manager> is responsible for all aspects of the implementation and management
of this procedure, unless noted otherwise.
Managers and supervisors are responsible for the implementation of this policy, within the
scope of their responsibilities, and must ensure that all staff under their control understand
and undertake their responsibilities accordingly.
8 General
To evaluate the performance of our information security management system, we determine:
when the results from monitoring and measurement shall be analysed and evaluated
competent staff
Note that this plan does not include those system conformance checks provided by internal
ISMS audits, nor the periodic review of conformance covered by ISMS management
reviews.
The results of this monitoring and measuring plan are periodically analysed by the <ISMS
Manager> and:
reported to each ISMS management review meeting, which in turn evaluates and
uses them to identify both successes and areas requiring correction or improvement.
10 Evaluation of Compliance
Our ISMS Compliance With Legal and Contractual Obligations Procedure, sets out how we
ensure that we comply with our compliance obligations.
1 Records
Records retained in support of this procedure are listed in the ISMS Controlled Records
Register and controlled according to the Control of Management System Records
Procedure.