Expert Advice Community

Guest

Audit template content

  Quote
Guest
Guest user Created:   Jun 01, 2018 Last commented:   Jun 01, 2018

Audit template content

1- In the ISO 27001/22301 Internal Audit Checklist https://advisera.com/27001academy/documentation/internal-audit-checklist/ , I can't see anything going deeper than 4.2 (not for example 4.2.1, 4.2,2...) - why doesn't it go into more detail, and how does it affect the implementation?
0 0

Assign topic to the user

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

Expert
Rhand Leal Jun 01, 2018

Answer: Clauses 4.2.1 and 4.2.2 are from ISO 22301, and the two questions identified for clause 4.2 on the ISO 22301 audit checklist cover the points that must be fulfilled to be complaint with this section, to mention:
- identification of interested parties relevant to the BCMS
- documentation of interested parties relevant to the BCMS and their requirements

So the way these questions are formulated do not affect the standard's implementation.

2- Also, later in the table, there are parts which are named the letter A in the beginning (for example A.5.1.1) - can you please explain to me what's this about?

Answer: The questions identified by the letter A in the beginning refer to the controls from ISO 27001 Annex A, and they are applicable only if you im plemented ISO 27001.

For better understanding of our templates I recommend you to read the comments included on them, because they can provide guidance on issues like this.

Quote
0 0

Comment as guest or Sign in

HTML tags are not allowed

Jun 01, 2018

Jun 01, 2018

Suggested Topics