What is a Process Approach?
ISO/IEC 27001 uses a process-oriented approach and examines processes within its scope. ISO/IEC 27001 is based on the Plan-Do-Check-Act (PDCA) process. Along with processes required for ISO 27001, one of the main processes it examines is the entire Management System. Implementing the overall process can be looked at as a large single process, but within the implementation there are many small processes.
What are processes, inputs and outputs?
Every organization is made up of a series of interacting processes. A process is defined by a set of activities that uses resources that will transform your inputs to outputs. The process approach considers the interaction between these processes, and the inputs and outputs that tie these processes together. The output of one process becomes the input of another.