Summit dossier

Presentation
This presentation summarises the expedition journey and can be used for management briefings on ISO 27001 approach, project kickoff meetings, and board or investor updates:
Download presentation (pdf) | Download notes presentation (pdf)
Comprehensive notes
These docs are my expedition notebook. Rough, practical, and written for use, not display. They collect what I needed to remember while navigating ISO 27001: the paths taken, the shortcuts avoided, and the occasional cliff edge. They are not a polished guide, but they map the territory well enough for another climber to find their way.
The notes were made for me, so they are dense, incomplete in places, and occasionally cryptic. Still, if you are making a similar ascent, you may find them useful, not as instructions, but as a record of where footing was firm and where scree shifted underfoot or crevasses hid:
Map room, context, interested parties, scope, 30pp
Risk tent, structured risk management, 19pp
Gear depot, controls, risk treatment plan, statement of applicability, 21pp
The climb, resources for the climb, 10pp
Base camp checks, monitoring and measurement, internal audit, management review, 17pp
The summit push, stage 1, stage 2, outcomes, 30pp
Planting the flag, surveillance cycle, recertification, PDCA, 19pp