We recently had a client undergo a pre-assessment audit for their certification. During the audit, a couple of issues were raised:
The internal audit wasn't conducted properly due to insufficient time allocated for the process and the management system.
The auditors were seeking procedural documents that directly correlate with the Annex A policies provided in your templates.
Given these challenges, I wanted to reach out and seek your guidance. Specifically:
Do you have best practices or guidance on how to ensure our internal audits are thorough and in compliance with the standards?
Are there any templates or resources available that can help us align our procedural documents with the Annex A policies you've provided? This would be incredibly helpful in ensuring our documentation meets the auditor's requirements.
Furthermore, I'm curious if you have any templates or resources specifically for ISMS procedureal documents. We want to ensure that our ISMS documentation is both comprehensive and in line with industry standards.