We got the certificate on October 2022. I want to do an internal audit before external audit on August. How can I start with the audit and how to perform it . Thanks
Assign topic to the user
I’m assuming that by external audit you refer to the certification audit.
Considering that, it is important to note that an internal audit is a mandatory requirement for ISO 27001 certification, so it needs to be performed before the certification audit.
To perform an internal audit you should consider these steps:
- Develop an internal audit procedure
- Plan your audits, considering dates, criteria, and scope
- Develop checklists to help you not forget something during the audit
- Elaborate on the audit report which will include the non-compliances and other findings
These articles will provide you with a further explanation of internal audit:
- How to prepare for an ISO 27001 internal audit https://advisera.com/27001academy/blog/2016/07/11/how-to-prepare-for-an-iso-27001-internal-audit/
- How to make an Internal Audit checklist for ISO 27001 / ISO 22301 https://advisera.com/27001academy/knowledgebase/how-to-make-an-internal-audit-checklist-for-iso-27001-iso-22301/
- Practical use of corrective actions for ISO 27001 and ISO 22301 https://advisera.com/27001academy/blog/2013/12/09/practical-use-of-corrective-actions-for-iso-27001-and-iso-22301/
These materials will also help you regarding internal audit:
- ISO Internal Audit: A Plain English Guide https://advisera.com/books/iso-internal-audit-plain-english-guide/
- ISO 27001:2013 Internal Auditor Course https://advisera.com/training/iso-27001-internal-auditor-course/
To see what internal audit documents compliant with ISO 27001 look like, please take a look at this toolkit:
- ISO 27001/ISO 22301 Internal Audit Toolkit https://advisera.com/27001academy/iso-27001-22301-internal-audit-documentation-toolkit/
Comment as guest or Sign in
Mar 01, 2023