Guest
ISO 27001 Internal Audit practice and tips
Can you share some good practices when auditing ISO 27001 ISMS and Annex controls? Thanks
Expert
Rhand Leal
Feb 15, 2022
I’m assuming you are referring to an internal audit.
Considering that, to perform an internal audit you should consider these steps:
- Develop an internal audit procedure
- Plan your audits, considering dates, criteria, and scope
- Develop checklists to help you not forget something during the audit
- Elaborate on the audit report which will include the non-compliances and other findings
These articles will provide you with further explanation about internal audits:
- How to prepare for an ISO 27001 internal audit https://advisera.com/27001academy/blog/2016/07/11/how-to-prepare-for-an-iso-27001-internal-audit/
- How to make an Internal Audit checklist for ISO 27001 / ISO 22301 https://advisera.com/27001academy/knowledgebase/how-to-make-an-internal-audit-checklist-for-iso-27001-iso-22301/
- Practical use of corrective actions for ISO 27001 and ISO 22301 https://advisera.com/27001academy/blog/2013/12/09/practical-use-of-corrective-actions-for-iso-27001-and-iso-22301/
These materials will also help you regarding internal audit:
- ISO Internal Audit: A Plain English Guide https://advisera.com/books/iso-internal-audit-plain-english-guide/
- ISO 27001:2013 Internal Auditor Course https://advisera.com/training/iso-27001-internal-auditor-course/