Quiz Entry - updated: 2026.07.14
How do the PDCA phases map to the chapter structure of ISO 27001?
Plan = Chapters 4-6 (Context, Leadership, Planning), Do = Chapters 7-8 (Support, Operation), Check = Chapter 9 (Performance Evaluation), Act = Chapter 10 (Improvement).
* ISO 27001 clauses 4–10 grouped under the four PDCA phases. *
| PDCA Phase | ISO 27001 Chapters | Key Activities |
|---|---|---|
| Plan | Ch 4: Context of the Organization | Understanding the org, interested parties, scope, ISMS |
| Ch 5: Leadership | Commitment, policy, roles & responsibilities | |
| Ch 6: Planning | Risk actions, IS objectives and plans | |
| Do | Ch 7: Support | Resources, competence, awareness, communication, documentation |
| Ch 8: Operation | Operational planning, risk assessment, risk treatment | |
| Check | Ch 9: Performance Evaluation | Monitoring, measurement, analysis, internal audit, management review |
| Act | Ch 10: Improvement | Nonconformity, corrective action, continual improvement |
Tip: The chapter numbering (4-10) follows the common Annex SL high-level structure that all modern ISO management system standards share. This means ISO 27001 is designed to integrate well with ISO 9001 (quality), ISO 14001 (environment), etc.
Go deeper:
ISO 27001 — Die Hauptkapitel und der häufigste Fehler bei der Umsetzung (YouTube) — führt durch die Kapitelstruktur (Kap. 4–10) und zeigt, wie sie auf den PDCA-Zyklus abbildet.