Continual improvement
Definition
The ISO/IEC 27001 requirement (clause 10) that the organisation must actively improve the suitability, adequacy, and effectiveness of the ISMS over time. It is demonstrated through corrective action records, nonconformity logs, and evidence that identified weaknesses have been addressed.
Related terms
- Annex A: The normative annex to ISO/IEC 27001 that lists 93 information security controls across four themes: organisational (37 controls), people (8), physical (14),...
- ISMS scope: The explicit boundaries of the management system: which organisational units, sites, processes, and information assets are covered. Defined under ISO/IEC 27001 clause...
- Management review: The annual governance meeting required under ISO 17025 Clause 8.9, at which laboratory management reviews the aggregated quality performance data (PT results,...
- Risk treatment plan: A document that records, for each identified risk, the chosen treatment option (accept, avoid, transfer, or reduce), the specific controls selected to...
- Statement of Applicability (SoA): A mandatory document listing every ISO/IEC 27001 Annex A control with a statement of whether it is included or excluded, the justification...
Explained in
- Designing and Implementing an ISMS