Professional Documents
Culture Documents
ACPL-IsMS-C5.36 Compliance With Policies, Rules and Standards For Information Security
ACPL-IsMS-C5.36 Compliance With Policies, Rules and Standards For Information Security
ACPL-IsMS-C5.36 Compliance With Policies, Rules and Standards For Information Security
Document ID ACPL-ISMS-C5.36
Document Classification Internal
Issue Date (effective from) 01.12.2023
Version No 1.0
Latest Review Date 01.12.2023
1. Control statement:
Compliance with the organization’s information security policy, topic-specific policies, rules and
standards should be regularly reviewed.
2. Purpose:
To ensure that information security is implemented and operated in accordance with the
organization’s information security policy, topic-specific policies, rules and standards.
3. Scope:
This policy covers the Method for Review of Information Security Policies & other standards
Requirements and ensuring that all the requirements are met.
4. Procedure:
b) Evaluate the need for corrective actions to a Results of reviews and corrective actions carried out
by the information owners or as per procedural requirements and recorded and these records are
maintained. Managers should report the results to the persons carrying out independent reviews
when an independent review takes place in the area of their responsibility.
Corrective actions should be completed in a timely manner as appropriate to the risk. If not
completed by the next scheduled review, progress should at least be addressed at that review to
achieve compliance;
d) Review corrective actions taken to verify its effectiveness and identify any deficiencies or
weaknesses
Results of reviews and corrective actions carried out by information owners or as defined in the
respective procedure, should be recorded and these records should be maintained. Functional heads
should report the results to the persons carrying out independent reviews when an independent
review takes place in the area of their responsibility.
Doc ID: ACPL-ISMS-C5.36 Version 1.0 Last Rev. Date: 01.12.2023 Page 2 of 3
This document is confidential and must not be shared or copied without written permission from
Aethereus Consulting. Please return or destroy upon request.
Compliance with policies, rules and standards for information security
Corrective actions are completed in a timely manner as appropriate to the risk. If not completed by
the next scheduled review, progress should at least be addressed at that review.
5. References:
6. Revision History
Doc ID: ACPL-ISMS-C5.36 Version 1.0 Last Rev. Date: 01.12.2023 Page 3 of 3
This document is confidential and must not be shared or copied without written permission from
Aethereus Consulting. Please return or destroy upon request.