When to use this
Practical use
Use this as a working artifact. Fill it with real owners, dates, decisions, evidence locations, and review status.
Use this to prepare inputs for ISMS management review.
| Input area | Evidence / data | Owner | Status | Notes |
|---|---|---|---|---|
| Status of actions from previous reviews | Action tracker | ISMS Manager | ||
| Changes in external/internal issues | Context review | ISMS Manager / leadership | ||
| Interested party feedback | Customer/regulatory/supplier feedback | Relevant owners | ||
| Information security performance | KPIs, metrics, incidents | Security Lead | ||
| Nonconformities and corrective actions | Corrective action tracker | ISMS Manager | ||
| Monitoring and measurement results | Control performance reports | Control owners | ||
| Internal audit results | Audit reports | Internal audit | ||
| Risk assessment and treatment results | Risk register, RTP | Risk owners | ||
| Opportunities for improvement | Improvement log | All owners |
- Template
- Management review
- Iso27001
Note Metadata
Aliases: Management Review Input Checklist
Source: 90 Templates/Management Review Input Checklist.md