Expert Advice Community

Audit and ISO 22301

Guest user Created:   Apr 26, 2018 Last commented:   Apr 26, 2018

1 - Kindly assist me with the audit program for ISO 22301 as well as test plans.

Expert
Rhand Leal Apr 26, 2018

Answer: For an audit program first you have to define if you are going to perform one audit or a series of audits throughout the year. After that you have to define criteria to define individual audits and the auditors that will perform them, the procedure that will be used for the audits, and if you are going to use checklists or not.

For testing plans, first you have to define which kind of test you will perform (e.g., Orientation seminar, Desk check, Plan walk-through, Functional testing, etc.). After that you have to define the tests' scope, objectives, and timing, and align these decisions with top management and management heads to develop the necessary details for the test plans.

These materials will provide you further explanation about internal audit and test plans:
- ISO Internal Audit: A Plain English Guide https://advisera.com/books/iso-internal-audit-plain-english-guide/
- How to prepare for an ISO 27001 internal audit (the general concepts are also applicable to ISO 22301) https://advisera.com/27001academy/blog/2016/07/11/how-to-prepare-for-an-iso-27001-internal-audit/
- Dilemmas with ISO 27001 & BS 25999-2 internal auditors https://advisera.com/27001academy/blog/2010/03/22/dilemmas-with-iso-27001-bs-25999-2-internal-auditors/
- How to make an Internal Audit checklist for ISO 27001 / ISO 22301 https://advisera.com/27001academy/knowledgebase/how-to-make-an-internal-audit-checklist-for-iso-27001-iso-22301/
- How to perform business continuity exercising and testing according to ISO 22301 https://advisera.com/27001academy/blog/2015/02/02/how-to-perform-business-continuity-exercising-and-testing-according-to-iso-22301/

2 - Also, does ISO 22301 have an SoA as in ISO 27001?

Answer: The statement of applicability is a requirement only for ISO 27001. There is no similar requirement for ISO 22301.

These materials will provide you further explanation about ISO 22301:
- What is ISO 22301 https://advisera.com/27001academy/what-is-iso-22301/
- Book Becoming Resilient: The Definitive Guide to ISO 22301 Implementation https://advisera.com/books/becoming-resilient-the-definitive-guide-to-iso-22301-implementation/