Information Security Management System

The ISO 27001:2024 Manual

The “GUIDE” function of the new ISO 27001 Manual

The Information Security Management System Manual under ISO 27001:2024 is designed to provide guidance for:

  1. The development of the system, its processes and its documentation for consultants and managers of the organization
  2. The understanding and effective use of the management system by the organization’s personnel
  3. Consultation, by interested parties, of the security safeguards established for information

The phase structure: PLAN, DO, CHECK, ACT

The Manual, following the part reserved for the description of the organization and its activities, explains the development logic of the system and illustrates the design of the corresponding document system.

To facilitate full understanding of how the system works, the Manual illustrates the system divided into sections: PLAN, DO, CHECK, ACT (Deming cycle).

In each section the Manual describes:

  • The regulatory requirements of ISO 27001:2024 covered
  • How the organization fulfills the requirements
  • The processes and activities performed
  • Documentation and records

The Manual as a support for internal training

The Manual, in addition to the descriptive contents, provides the flow charts of all the system processes in which, during training activities for staff, the organization has the opportunity to visually illustrate:

  • The activities performed in the processes governed by the procedures
  • The flow of information processed within the processes
  • The document flow produced by the execution of process activities



Complete package of manual, management procedures, safety procedures, forms, management applications, checklists and attachments.

All ready-made and fully editable and customizable content. System with integrated management of information security controls provided for in Annex A of ISO 27001 in its new 2024 version. Declaration of applicability and Information security plan.