The [1st] <Short Name> ISO 27001:2015 Management Review Meeting

[20th February 2017] in [Room 001]

Commencing at [10.00 am]
Agenda
Note that data, analyses, proposals, discussion papers etc. should always be sent to all members
at least five working days in advance, never, except in exceptional circumstances, on the day of
the meeting. Those distributions can and should then be read alongside the agenda / minutes.
1. Record of those present
2. Apologies for absence
3. Approval of previous minutes
4. Actions arising from previous meeting not otherwise on the agenda
5. Changes to external and internal context that are relevant to the information security
management system
6. Information security management system performance
7. Identification, evaluation and treatment of risks
8. Internal and external audits
9. Corrective and preventative actions
10. Information security incidents
11. Emergency preparedness and response
12. Compliance obligations
13. Awareness and communication
14. Changes that affect the ISMS
15. Training, development and resources
16. Continual improvement
17. Risks and opportunities
18. Corporate policies, objectives, targets and KPI’s
19.Special Items:
e.g. Proposal to bring the Finance System into the QMS, Proposal to adopt ISO 14001
20.AOB
21.Date of next meeting
22. Meeting Close

Rev 0.0 Page 1 of 1