Page structure
The page is organised as a three-level hierarchy:Progress color coding
| Range | Color |
|---|---|
| ≥ 80% | Emerald |
| 50–79% | Amber |
| 20–49% | Orange |
| < 20% | Rose |
Updating a requirement
Each requirement row has an expandable detail panel. To update a requirement:Locate the requirement
Navigate to Clauses in the sidebar. Expand the relevant clause and subclause until you see the requirement row.
Set the implementation status
Select one of the four statuses from the dropdown:
| Status | Meaning |
|---|---|
| No iniciado | Work has not begun (default) |
| En progreso | Implementation is underway |
| Implementado | Fully implemented and conformant |
| No aplica | Requirement does not apply to your ISMS scope |
Set the maturity level
Drag the Maturity slider to the appropriate level (0–5):
| Level | Label (Spanish) |
|---|---|
| 0 | Inexistente |
| 1 | Inicial |
| 2 | Repetible |
| 3 | Definido |
| 4 | Gestionado |
| 5 | Optimizado |
Assign an owner
Type the name or role of the person responsible for this requirement in the Owner field.
Record the last review date
Use the date picker in the Last reviewed field to log when this requirement was last assessed.
Requirements marked No aplica are counted as compliant in the progress percentage — both Implementado and No aplica contribute to the clause score. Use this status only for requirements that genuinely fall outside your ISMS scope, as auditors will expect a documented justification for each exclusion.
Clause 6 — Risk management integration
Clause 6 (Planning) has an embedded risk management panel directly inside the clauses page. When you expand Clause 6, you will see:- Risk Assessment Form — register a new risk entry without leaving the Clauses module
- Risk Heat Map — 5×5 visual matrix of all current risks
- Asset Inventory — quick view of the asset register
Bulk review workflow
To work through all requirements in a clause efficiently:- Sort the clause list by compliance percentage — the lowest-scoring clause appears first in the Dashboard clause ranking.
- Open the lowest-scoring clause and expand all its subclauses.
- Work through each requirement from top to bottom, setting statuses and maturity levels.
- Check the clause progress bar after each save — it updates in real time.
Changes are saved automatically to
localStorage as you make them. There is no explicit save button.Frequently asked questions
Does changing a status immediately affect the dashboard?
Does changing a status immediately affect the dashboard?
Yes. The Global Compliance donut on the Executive Dashboard recalculates in real time whenever you update a requirement status. Navigating back to the dashboard will show the updated percentage.
Can I add custom requirements?
Can I add custom requirements?
The clause tree is derived from the ISO 27001:2022 standard and cannot be modified. You can, however, add free-form notes to any requirement in the notes field within the detail panel.
What happens if I mark a requirement as Not applicable?
What happens if I mark a requirement as Not applicable?
The requirement is excluded from both the numerator and denominator of the clause compliance calculation. This raises the reported percentage for that clause even though no new implementation work has been done.
How do I link evidence to a requirement?
How do I link evidence to a requirement?
Click Manage evidence in the requirement detail panel. The evidence picker shows all documents in the Evidence Repository that are not yet linked to this requirement. Select one or more and confirm.