Conducting ISMS audit
Assign topic to the user
I suppose that you mean internal audit, so in this case basically you have 2 options:
a.- Perform internal audit with own employees (employees who have not been involved in the implementation of the ISMS, since an auditor can not audit their own work). For this I think that can be very useful this article for your employees How to make an Internal Audit checklist for ISO 27001 / ISO 22301": https://advisera.com/27001academy/knowledgebase/how-to-make-an-internal-audit-checklist-for-iso-27001-iso-22301/
b.- Hiring an external consultant. In this case, the important is to look for an experienced and qualified auditor. Please read this article Qualifications for an ISO 27001 Internal Auditor : https://advisera.com/27001academy/blog/2015/03/30/qualifications-for-an-iso-27001-internal-auditor/
Comment as guest or Sign in
Jan 12, 2016