Evaluate your actions
Review your information security plan at least annually to constantly improve the security of your organization's information. Carrying out an evaluation, which is an overview of the advances made in the security plan, its potential improvements as well as its benefits, is healthy for the whole organisation.
We advise you to review your security plan on an annual basis with management. This will allow you to correct and complete but also improve the awareness of your management regarding the importance of information security and data protection. The information security plan develops over time. It is especially necessary to do a review in order to take on board:
- the developments of threats and feedback about the handling of incidents,
- the results of risk assessments as well as the actions arising from checks or audits, and
- developments in organisational, legal, regulatory and technological contexts.