SPRING DISCOUNT
Get 30% off on toolkits, course exams, and Conformio yearly plans.
Limited-time offer – ends April 25, 2024
Use promo code:
SPRING30

Expert Advice Community

Home / ISO 27001 & 22301 / Audit and ISO 22301

Guest

Audit and ISO 22301

ISO 27001 & 22301
  Quote
Guest
Guest user Created:   Apr 26, 2018 Last commented:   Apr 26, 2018

Audit and ISO 22301

ISO 27001 & 22301
1 - Kindly assist me with the audit program for ISO 22301 as well as test plans.
0 0

Assign topic to the user

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.
Expert
Rhand Leal Apr 26, 2018

Answer: For an audit program first you have to define if you are going to perform one audit or a series of audits throughout the year. After that you have to define criteria to define individual audits and the auditors that will perform them, the procedure that will be used for the audits, and if you are going to use checklists or not.

For testing plans first you have to define which kind of test you will perform (e.g., Orientation seminar, Desk check, Plan walk-through, Functional testing, etc.), After that you have to define the tests scope, objectives, and timing, and align these decisions with top management and management heads to develop the necessary details for the test plans.

These materials will provide you further explanation about internal audit and test plans:
- ISO Internal Audit: A Plain English Guide https://advisera.com/books/iso-internal-audit-plain-english-guide/
- How to prepare for an ISO 27001 internal audit (the general concepts are al so applicable to ISO 22301) https://advisera.com/27001academy/blog/2016/07/11/how-to-prepare-for-an-iso-27001-internal-audit/
- Dilemmas with ISO 27001 & BS 25999-2 internal auditors https://advisera.com/27001academy/blog/2010/03/22/dilemmas-with-iso-27001-bs-25999-2-internal-auditors/
- How to make an Internal Audit checklist for ISO 27001 / ISO 22301 https://advisera.com/27001academy/knowledgebase/how-to-make-an-internal-audit-checklist-for-iso-27001-iso-22301/
- How to perform business continuity exercising and testing according to ISO 22301 https://advisera.com/27001academy/blog/2015/02/02/how-to-perform-business-continuity-exercising-and-testing-according-to-iso-22301/

2 - Also, does ISO 22301 has SoA as in ISO 27001?

Answer: The statement of applicability is a requirement only for ISO 27001. There is no similar requirement for ISO 22301.

These materials will provide you further explanation about ISO 22301:
- What is IS 22301 https://advisera.com/27001academy/what-is-iso-22301/
- Book Becoming Resilient: The Definitive Guide to ISO 22301 Implementation https://advisera.com/books/becoming-resilient-the-definitive-guide-to-iso-22301-implementation/

Quote
0 0

Comment as guest or Sign in

HTML tags are not allowed

Apr 26, 2018

Apr 26, 2018

Suggested Topics
Guest user Created:   Jul 22, 2021 ISO 27001 & 22301
Replies: 1
0 0

ISO 22301 toolkit - audit procedure
Guest user Created:   Mar 17, 2021 ISO 27001 & 22301
Replies: 1
0 0

Is ISO 22301 mandatory for audits?
Guest user Created:   Dec 28, 2020 ISO 27001 & 22301
Replies: 1
0 0

Corrective action plan for audit observation for clause 8.1 of ISO 22301