A documented statement describing the control objectives and controls that are relevant and applicable to the organisation’s Information Security Management System (ISMS). A key component of an ISMS defined in ISO/IEC 27001:2005.
Mark Sharron
Mark is the Head of Search & Generative AI Strategy at ISMS.online, where he develops Generative Engine Optimised (GEO) content, engineers prompts and agentic workflows to enhance search, discovery, and structured knowledge systems. With expertise in multiple compliance frameworks, SEO, NLP, and generative AI, he designs search architectures that bridge structured data with narrative intelligence.
