Management review icon

There is management review support for the main modules in the BCMS area.  A brief outline of the BCMS Management review activities follows:



Carrying out a regular management review is required by the BS 25999. This is normally undertaken by one or more members of the senior management team.  It is also a cornerstone of the ongoing improvement activities for the BCMS as a whole.


Carrying out the review

The review should be carried out by competent members of the senior management team.  The date of the review should be entered in the "Latest review" date field. The tick boxes on the right hand side of the management review pop-up follow the process for a standard review of a process, activity or procedure. The six areas are: Process defined; Process documented; Process Implemented; Process tested; Non-conformities cleared; and Section complete. Enter information on who carried out the review and set a date for targeted completion of follow up activity and also set the date for the next review.


Identifying non-conformities

A critical part of the management review process is to identify non-conformities between the organization's activities and those required in the BS 25999. Areas where the BS 25999 is not conformed with are to be noted and an assessment made as to whether the non-conformity is considered to be major or minor in nature. A major non-conformity can be defined a one where the lack of conformity could potentially have a significant impact on the organizations activities. A minor non-conformity is one where the item is deficient but the impact of the deficiency is not expected to have a severe impact on the organization or its stakeholders.


Recording nonconformities

The User nominated to carry out the management review (Reviewer) will check each section against the requirements and identify any minor or major nonconformities that need to be corrected.  The Reviewer should check that a suitable process has been defined; check it has been documented to a suitable standard; check it has been implemented; check the process has been tested; check the procedures have been tested and carry out any other tests appropriate to the section being reviewed.  Any nonconformities should be noted in the memo box and a tick placed in the respective tick boxes.  Add the date of the review and the initials of the reviewer, add any follow up date required and also the date of the next review. When the section review has been completed, tick the appropriate tick box. If either major or minor non-conformities exist in the section under review tick the respective boxes in the management review pop-up. If no non-conformities have been identified tick that box. Brief information about each non-conformity should be entered in the memo box.


Assessing the six management review progress areas

The six progress areas for monitoring the status of a management review are as follows:

Process defined
To obtain a positive result in this category, the process required to meet the BS 25999 should be clearly defined and the process scope specified to ensure that the resultant process is suitable for meeting the requirement and fit-for-purpose. 


Process documented
To obtain a positive result in this category, the process must be documented with instructions to users on how the process requirements are to be met.  The instructions to be in plain clear English with screen shots where appropriate.


Process Implemented
To obtain a positive result in this category, the process should have been implemented and staff trained in its use, as appropriate.

Process tested
To obtain a positive result in this category, the process should have been tested in normal and abnormal conditions to ensure that the process is fit for purpose.


Non-conformities cleared 
To obtain a positive result in this category, any non-conformities should have been cleared and the process retested.


Section complete
To obtain a positive result in this category, all previous five categories should have been completed and the management review for the section signed off.

Editing the list of employees

Click the "Edit" button to add additional persons to the list of employees available in the BCMS to handle the management review activities.




Displaying and viewing the management review summary

Clicking on the "Summary" button in the management review pop-up will cause the following screen to appear. This screen summarizes the management review status for all sections of the BS 25999 requirements.



It is not possible to edit the data in this screen. The editing should be done in the normal management review area located at the bottom of the screen.

Reference material: