ISMS.online allows you to set up an approval process for reviewing policies and controls—an important requirement for ISO 27001. This ensures the integrity of your work is maintained through a visible approval process, complete with timestamps and approver details.

Enabling Approval

Approval settings are managed in the Project Settings page. You can choose from three levels:

  • Full – All Activities require approval from Team members with approval permissions before they can be marked complete.
  • Selected Activities only – Only Activities flagged as requiring approval will go through the approval process.
  • Off – Activities can be marked complete without requiring approval.

Select the option that fits your needs, then click Change approval to save your settings.

Enabling Approval for Selected Activities

To enable approval for specific Activities:

  1. Ensure Selected Activities only is chosen in the Project Settings.
  2. Open the Project and go to the Structure tab.
  3. Hover over the Activity you want to edit and click Edit.
  4. In the edit view, enable the Require approval option.

This ensures the selected Activity must be approved before it can be released.


Approval Permissions

Only users with approval rights can approve or decline Activities. For details on granting approval permissions, see granting users approval rights.