Content Comparison

Reference

Item

Description

1

Actions from previous review

Statement of whether actions have been completed or not and if not, what the next steps are

2

Changes relevant to the management system

Any significant internal or external changes that have occurred since the last review that may have an impact on the management system and so need to be considered

3

Nonconformities and corrective actions

Status of actions raised from previous internal and external audits

4

Monitoring and measurement results

Noteworthy items from monitoring and measurement reports, particularly exceptional results (good or bad) and whether targets are being met

5

Audit results

Summary of the conclusions of any audits carried out since the last management review

6

Fulfilment of objectives

Statement of how far we are towards achievement of information security objectives 

7

Feedback from interested parties

Comments from people and organisations relevant to the VQMS e.g. customers, suppliers

8

Risk assessment and treatment status

Changes to risk levels in the last quarter, including any new threats or vulnerabilities; progress on risk treatment plan

9

Opportunities for continual improvement

Update the plan and summarise progress for existing improvements; identify new opportunities

10

Resource planning and plan for next quarter

Review of resource adequacy and main activities scheduled for the next quarter

11

Any other business

Items not covered within the formal agenda

12

Supplier Review

Conduct a detailed external supplier review on a quarterly basis

13

Actions from this review

Actions recorded during this review, with person responsible and target date13

14

Information Continuity Processes Review

Review our current processes for ensuring we can continue to operate effectively in case of disaster

15

Date of next meeting

Ensure that the next meeting has been scheduled