psjenkins/ISMS
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
870a576aa41f4352748d27ff98463e52fb324d9a
ISMS/06-audit-and-review/management-review-pack-template.md
Paul Jenkins 5eade2d99b Initial commit
2026-03-26 09:35:22 +00:00

2.3 KiB
Raw Blame History

Title: Management Review Pack Template Document ID: [MR-PACK-001] Version: 0.1 Draft Status: Draft Owner: CISO (Paul Jenkins) Approver: CISO (Paul Jenkins) Classification: Internal Effective date: [DD Month YYYY] Review date: [DD Month YYYY]

Management Review Pack Template

Purpose

This template provides a consistent structure for assembling the inputs to a formal ISMS management review.

Review Details

  • Review period: [Period]
  • Review date: [DD Month YYYY]
  • Chair: [Role]
  • Participants: [Names / Roles]
  • Prepared by: [Role]

Executive Summary

[Summarise the overall status of the ISMS and the key decisions required.]

Review Inputs

Information Security Objectives

  • current objectives status
  • missed targets or at-risk items
  • proposed new or revised objectives

Risk And Exception Status

  • top open risks
  • newly accepted risks
  • expired or overdue exceptions
  • themes requiring management attention

Incident And Breach Summary

  • material incidents during the period
  • lessons learned
  • any notifiable or high-impact events

Audit And Assurance Summary

  • audits completed
  • key findings and themes
  • overdue corrective actions

Supplier And Dependency Issues

  • key supplier reviews
  • assurance gaps
  • material supplier incidents or changes

Change And Operational Themes

  • significant change failures or concerns
  • recurring operational issues
  • resilience or recovery concerns

Training And Awareness

  • completion status
  • overdue or role-specific gaps

Improvement Opportunities

  • proposed control improvements
  • resourcing or prioritisation needs

Decisions Required

Decision Area Summary Proposed Decision Owner
[Area] [Summary] [Decision] [Role]

Actions Proposed

Action Owner Target Date Priority Linked Input
[Action] [Role] [DD Month YYYY] [Low/Medium/High] [Risk / audit / incident / objective]

Related Documents

  • Management Review Procedure
  • Management Review Minutes Template
  • Information Security Objectives Template
  • Corrective Actions Register Template

Version Control

Version Date Description of Change Author
0.1 Draft [DD Month YYYY] Initial draft. [Name or Role]
Reference in New Issue View Git Blame Copy Permalink