Introduction
The concept of the Plan-Do-Check-Act Cycle was originally developed in 1930’s by Walter Shewhart, the pioneering statistician who developed statistical process control in the Bell Laboratories in the US. It is often referred as `The Shewhart Cycle'. It was taken up and promoted very effectively from the 1950s on by the famous Quality Management Authority, W. Edwards Deming, and is consequently known by many as `The Deming Wheel'.

Description
The PDCA Cycle encourages to be methodical in approach to problem solving and implementing. It coordinates in continuous improvement as emphases and demonstrates that improvement programs must start with careful planning, result in effective action and move on again to careful planning in a continuous cycle.

It is a four-step model for carrying out change. Just as a circle has no end, the PDCA cycle should be repeated for constant progress.
ISO/IEC 27001 is one of the most comprehensive examples of application of PDCA for the enhancement of information security. It describes how to establish, implement, operate, monitor, review, maintain, and improve an organization’s Information Security Management System (ISMS).
ISO 27001 defines PDCA as follow:

Plan: Establish ISMS policy, objectives, processes and procedures relevant to managing risk and improving information security to deliver results in accordance with an organization’s overall policies and objectives.
Do: Implement and operate the ISMS policy, controls, processes, and procedures.

Check: Assess and, where applicable, measure process performance against ISMS policy, objectives, and practical experience and report the results to management for review.

Act: Take corrective and preventive actions, based on the results of the internal ISMS audit and management review or other relevant information, to achieve continual improvement of the ISMS.

Figure of PDCA

The approach is general purpose and can be applied in a spiral, iterative fashion for successive levels of improvement and incrementally increasing scope.