checking red to blue
Due: 2025-07-10
Notes: approved- need adjustment....1 red to blue in progress......2 approvale pendin......3. approved
Bring Your Own Device (BYOD) Policy
Due: 2025-07-10
DOC-18 - Corrective Action Plan
Due: 2025-08-10
Notes: Operate the ISMS: Perform corrective actions as needed (ongoing improvement) in the operation of the ISMS
DOC-17 - Procedure for Corrective Action
Due: 2025-08-10
Notes: Implement management procedures: Corrective action Procedure. Clause 10.2
DOC-16 - Annual Internal Audit Plan
Due: 2025-08-10
Notes: Implement management procedures: Draft the annual internal audit plan. Clause 9.2
DOC-15 - Internal Audit Program
Due: 2025-08-10
Notes: Implement management procedures: Draft the internal audit Procedure. Clause 9.2.
DOC-13 - Training and Awareness policy
Notes: Training and awareness programs: Training for all employees. Clause 7.2
DOC -11 – Statement of Applicability (SoA)
Due: 2025-08-10
Notes: Document your security profile: Develop the Statement of Applicability. Clause 6.1.3 d)
DOC-10 - Risk Assessment and Risk Treatment Report
Due: 2025-08-10
Notes: Perform risk management: Write the risk assessment & treatment report. Clause 8.2 and 8.3
DOC-8b - Risk Treatment Table
Due: 2025-08-10
Notes: Perform risk management: Document your risk treatment
DOC-8a - Risk Assessment Matrix
Due: 2025-08-10
Notes: Perform risk management: Perform risk assessment
DOC-7 - Risk Assessment and Risk Treatment Methodology
Due: 2025-08-10
Notes: Perform risk management: Draft the risk assessment methodology Clause 6.1.2
DOC-6 Information Security Objectives
Due: 2025-08-10
Notes: Draft the information security objectives: Clause 6.2 Define the scope, management intention and responsibilities
DOC-1 - Procedure for Document and Record Control
Due: 2025-07-10
Notes: Prepare for the ISMS project: Write procedure for document control Clause 7.5 Control A.5.33
Information Classification Policy
Due: 2025-05-06
Delivered: 2025-05-02
Notes: May delivery
Secure Data Destruction Policy
Due: 2025-05-06
Delivered: 2025-04-16
Bring Your Own Device (BYOD) Acknowledgment & Consent Form
Due: 2025-05-06
Delivered: 2025-02-25
Business Continuity Plan (BCP)
Due: 2025-05-06
Delivered: 2025-04-14
Information security Policy
Due: 2025-05-06
Delivered: 2025-03-26
Incident Response Plan (IRP)
Due: 2025-05-06
Delivered: 2025-03-26
XLS: CIT Physical and environmental Security Policy
Due: 2025-05-06
Delivered: 2025-02-25
Statutory, Regulatory, and Contractual Requirements
Due: 2025-05-06
Delivered: 2025-02-28