Expert Advice Community

Guest

Certification audit questions

  Quote
Guest
Guest user Created:   Aug 27, 2019 Last commented:   Aug 27, 2019

Certification audit questions

I have 2 questions:
0 0

Assign topic to the user

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

Expert
Rhand Leal Aug 27, 2019

1. Is it a requirement for policy & procedure for the SOA to be approved?

Answer:

It is not a requirement, but a best practice to avoid rework, to approve policies and procedures only after the SoA has been approved, because any changes in the applicability status of controls in the SoA can impact the development, or review of policies and procedures.

These article will provide you further explanation about steps for implementation and SoA:
- ISO 27001 implementation checklist https://advisera.com/27001academy/knowledgebase/iso-27001-implementation-checklist/
- The importance of Statement of Applicability for ISO 27001 https://advisera.com/27001academy/knowledgebase/the-importance-of-statement-of-applicability-for-iso-27001/

2 - Another question is it requirement to have 3 month ISMS evidence/records before ISMS external audit?

Answer:

It is not mandatory by the standard to have 3 month ISMS evidence/records before ISMS external audit, however, some certification bodies, as part of their own processes, require the management system to be 3 months in operation before going for the certification (you should verify this situation with your own certification body).

This article will provide you further explanation about certification process:
- Becoming ISO 27001 certified – How to prepare for certification audit https://advisera.com/27001academy/iso-27001-certification/

These materials will also help you regarding certification process:
- ISO 27001/ISO 22301: The certification process [free webinar on demand] https://advisera.com/27001academy/webinar/iso-27001iso-22301-the-certification-process-free-webinar/01iso-22301-certification-process-free-webinar-demand/
- Preparing for ISO Certification Audit: A Plain English Guide https://advisera.com/books/preparing-for-iso-certification-audit-plain-english-guide/
Quote
0 0

Comment as guest or Sign in

HTML tags are not allowed

Aug 27, 2019

Aug 27, 2019

Suggested Topics