richardk/iso27diy-corp
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Renamed some folders

Browse source
This commit is contained in:
Richard Kranendonk 2026-04-29 14:20:35 +02:00
parent 3542083f69
commit 3c800ae860
278 changed files with 113 additions and 113 deletions
Download patch file Download diff file Expand all files Collapse all files

2
Corpus/Standards/ISO27x/PECB-Lead-Auditor-Training/PECB 27001 LA S05 E02b - Objectives and planning.md
View file

@ -3,7 +3,7 @@
[Clause 6.2](../../../MoCs/ISO_27001_2022_6.2_MoC%20Information%20security%20objectives%20and%20planning%20to%20achieve%20them.md) demands that organizations should have information security objectives. These may be derived from the risk assessment from 6.1, from commercial objectives, from legal and regulatory compliance, or based on some other ambition or necessity.
The information security objectives the organization identifies shall:
- be consistent with information security policy ([C5.1](../../../MoCs/ISO_27001_2022_5.1_MoC%20Leadership%20and%20commitment.md), [A5.1](../archive/iso27DIY%20mk%20I/ISO_27002_2022_5.1_MoC%20Policies%20for%20information%20security.md))
- be consistent with information security policy ([C5.1](../../../MoCs/ISO_27001_2022_5.1_MoC%20Leadership%20and%20commitment.md), [A5.1](../legacy/iso27DIY%20mk%20I/ISO_27002_2022_5.1_MoC%20Policies%20for%20information%20security.md))
- results from the risk assessment ([6.1.2](../../../MoCs/ISO_27001_2022_6.1.2_MoC%20Information%20security%20risk%20assessment.md)) and risk treatment ([6.1.3e](../../../MoCs/ISO_27001_2022_6.1.3_MoC%20Information%20security%20risk%20treatment.md))
- take into account applicable information security requirements ([4.2](../../../MoCs/ISO_27001_2022_4.2_MoC%20Understanding%20the%20needs%20and%20expectations%20of%20interested%20parties.md), needs and expectations of interested parties),
- be measurable (if practicable, see below)