...
Department | Area | Recurrence | Next Date | Status* |
---|---|---|---|---|
Accounting | Logical Access | quarterlyQuarterly | 11 November 2017 | Planned |
HR system | Logical Access | quarterlyQuarterly | ||
Datacenter | Physical Access | 2/year | ||
Quality Management | Risk register | quarterlyQuarterly | ||
Quality managamentmanagement | Risk acceptance (system owner/senior management) | 2/year | ||
Quality management | Security management system | annualAnnual |
1.3 Awareness and Security training
Department/role | Training/Awareness | Recurrence | Date | Status |
---|---|---|---|---|
All | How to detect phishing | 2/year | 4 October 2017 | Completed |
All | Newsletter/blog on actual events | Monthly | ||
All or targeted groups | Phishing test | biBi-monthly | ||
New employees | Initial security training/onboarding | Monthly | ||
Existing employees | Skill upgrade | Annual | ||
Quality management | Review training material | Annualmonthly |
1.4 Internal Audit
Department | Type of Audit | Due date | Status |
---|---|---|---|
H.R. | Questionaire | 18 april 2018 | Planned |
1.5 Annual management reportReporting
Type | Reccurence | Due date for report | Due date for management review | Status |
---|---|---|---|---|
Annual report | Annual | 30th november 2017 | 14th december 2017 | In progress |
Board report | Quarterly | 14 days before board meeting | Feb 20th 2018 | Planned |
Board presentation | Quarterly | 14 days before board meeting | Feb 20th 2018 | Planned |
Top risks | Monthly | March 1st 2018 | March 5th 2018 | In progresss |
Establish an ISMS
what's needed to be planned is;
...