Get 4 FREE months of Conformio to implement ISO 27001

Tag: "Internal Audit" - Expert Advice Community

Guest

Guest

Create New Topic As guest or Sign in

HTML tags are not allowed

Assign topic to the user

  • Template for ISO27001 Audit program

    I just bought the termplate for Internal audit program, ISO27001 and I am wondering about the details. The template is very simple and doesn't really show how to ensure that the whole standard incl the security controls have been reviewed in a three year period which I understand is a requirement from our certification body. The template only includes detailing the areas (departments and processes for example) and other details such as methods, Criterias (which I understand would be iso27001 then) etc. 

    Isn't it also necessary to show in the program that we have a plan to ensure full review of the standard? And if so, how would you suggest this is inserted into the IA Program, using the Advisera template? 

  • Internal Auditor from outside

    Hello Advisera,

    we've hired our internal auditor from outside, and we will receive Audit Report from him.

    Do we still have to write the Internal audit Procedure and program, or is it normally what the Internal auditor should provide us in this case?

    Thank you!

  • Internal Audit - choice of auditor

    Is it typical in smaller companies (50-100 employees) that for the internal audit an external auditor is being hired?  Or should you be thinking of somebody internally in the first place anyhow?