Clauses

Question 1

4.1

Answer 1

Context of organization

Question 2

4.2

Answer 2

Understanding needs and expectations of interested parties

Question 3

4.3

Answer 3

Scope of ISMS

Question 4

4.4

Answer 4

ISMS

Question 5

5.1

Answer 5

Leadership and Commitment

Question 6

5.2

Answer 6

Policy

Question 7

5.3

Answer 7

Organizational Roles, Responsibilities, Authorities

Question 8

6.1

Answer 8

Addressing risk and opportunities

Question 9

6.1.1, 6.1.2, 6.1.3

Answer 9

IS Risk Assessment,
IS Risk Treatment,

Question 10

6.2

Answer 10

IS objectives and planning to achieve them

Question 11

6.3

Answer 11

Planning of Changes

Question 12

7.1

Answer 12

Resources

Question 13

7.2

Answer 13

Competence

Question 14

7.3

Answer 14

Awareness

Question 15

7.4

Answer 15

Communication

Question 16

7.5.1

Answer 16

Documented Information
By ISMS
By organization

Question 17

7.5.2

Answer 17

Creating and updating

Question 18

7.5.3

Answer 18

Control of documented Information

Question 19

8.1

Answer 19

Operation planning and control

Question 20

8.2

Answer 20

Result of IS Risk Assessment

Question 21

8.3

Answer 21

Result of Risk Treatment

Question 22

9.1

Answer 22

Monitor and Measure Performance Evaluation

Question 23

9.2

Answer 23

Evidence of Internal Audit
4 items:
Internal audit programme
Pelaksanaan internal audit programme
KAK
bukti audit

Question 24

9.3

Answer 24

Management Review
MoM
Daftar hadir
Materi MR

Question 25

10.1

Answer 25

Nonconformity, action taken
Result of CA

Question 26

10.2

Answer 26

Continual improvement