ISO 27001:2022 Clause 10.1 Is Not Incident Management
Clause 10.1 requires continual improvement. Incident management lives in Annex A.5.24–5.28. The conflation of the two is the most common structural error in ISO 27001 implementations — and it reveals an ISMS that can repair itself but cannot advance itself.