A gate review is a formal checkpoint at project phase transitions where the fulfillment of defined criteria is assessed before the project may proceed to the next phase. In the information security context, gate reviews ensure that security requirements are addressed in every project phase.
Typical questions checked at a gate: Have security requirements been gathered? Has a risk analysis been performed? Are test results acceptable? Has documentation been created? ISO 27001 Annex A (A.5.8) requires the integration of information security into project management. Gate reviews are the operational tool for implementing this requirement in a structured way.