Tag: "Internal Audit" - Expert Advice Community



Create New Topic As guest or Sign in

HTML tags are not allowed

Assign topic to the user

  • how to reference clauses and Annex A controls in an ISO27001 internal audit report

    Since the standard is licensed, how can we appropriately reference/include ISO27001 Annex A controls and clause requirements in an internal audit report to show which control/clause is not being met?

  • first internal audit - scope period

    For the first internal audit of the ISMS prior to certification, what should the scope period be? the past year?

  • How ISMS internal audit varies from a normal cyber security audit

    In regards to ISO27001 clause 9.2 and 9.3 

    An organisation is conducting annual audit of their cyber security environment as a best practice, how an ISMS internal audit varies from normal audit. 


  • Internal Audit - choice of auditor

    Is it typical in smaller companies (50-100 employees) that for the internal audit an external auditor is being hired?  Or should you be thinking of somebody internally in the first place anyhow?