Please select user.Assign
There are no topics yet.
For the first internal audit of the ISMS prior to certification, what should the scope period be? the past year?
In regards to ISO27001 clause 9.2 and 9.3
An organisation is conducting annual audit of their cyber security environment as a best practice, how an ISMS internal audit varies from normal audit.
Is it typical in smaller companies (50-100 employees) that for the internal audit an external auditor is being hired? Or should you be thinking of somebody internally in the first place anyhow?