0+
.Get management support
.Define ISMS scope
.Inventory your information assets
.Conduct an information security risk assessment.
.Prepare a Risk Treatment Plan
.Develop ISMS implementation program
.Get management support
.Define ISMS scope
.Inventory your information assets
.Conduct an information security risk assessment.
.Prepare a Risk Treatment Plan
.Develop ISMS implementation program
.Run the ISMS implementation program
.Operate the ISMS
.Collect ISMS operational artefacts
.Conduct a pre-certification assessment "Conformity Audit"
.Certification audit