Annex A 5.35 - Independent Review of Information Security

The organization’s approach to managing information security and its implementation including people, processes, and technologies shall be reviewed independently at planned intervals, or when significant changes occur.

Last updated