Guest user Created: Jun 01, 2018 Last commented: Jun 01, 2018

Audit template content

1- In the ISO 27001/22301 Internal Audit Checklist https://advisera.com/27001academy/documentation/internal-audit-checklist/ , I can't see anything going deeper than 4.2 (not for example 4.2.1, 4.2,2...) - why doesn't it go into more detail, and how does it affect the implementation?

0 0

Assign topic to the user

Select user

Expert

Rhand Leal Jun 01, 2018

Answer: Clauses 4.2.1 and 4.2.2 are from ISO 22301, and the two questions identified for clause 4.2 on the ISO 22301 audit checklist cover the points that must be fulfilled to be complaint with this section, to mention:
- identification of interested parties relevant to the BCMS
- documentation of interested parties relevant to the BCMS and their requirements

So the way these questions are formulated do not affect the standard's implementation.

2- Also, later in the table, there are parts which are named the letter A in the beginning (for example A.5.1.1) - can you please explain to me what's this about?

Answer: The questions identified by the letter A in the beginning refer to the controls from ISO 27001 Annex A, and they are applicable only if you im plemented ISO 27001.

For better understanding of our templates I recommend you to read the comments included on them, because they can provide guidance on issues like this.

Quote

0 0

Comment as guest or Sign in

HTML tags are not allowed

Name *

Email *

I accept the Privacy and Terms

Notify me when someone replies

Jun 01, 2018

Expert Advice Community