Expert Advice Community

Guest

Controls for Stage 2 audit

  Quote
Guest
Guest user Created:   Jun 25, 2020 Last commented:   Jun 25, 2020

Controls for Stage 2 audit

Hi, do I need to have implemented and be able to evidence all of the controls identified in the SoA for the Stage 2 audit or can I state which ones are fully live and which are still in progress.

0 0

Assign topic to the user

ISO 27001 INTERNAL AUDIT CHECKLIST

List of questions to ask during the ISO 27001 audit.

ISO 27001 INTERNAL AUDIT CHECKLIST

List of questions to ask during the ISO 27001 audit.

Expert
Rhand Leal Jun 25, 2020

If you go for the certification audit, you should have most of the controls stated in the SoA as applicable implemented, and make sure that controls that mitigate the biggest risks are fully implemented.

In other words, you can leave only a smaller number of less significant controls to be implemented after the certification. In such a case, you have to ask risk owners to accept the residual risks.

This article will provide you a further explanation about certification:

This material will also help you regarding certification:

Quote
0 1

Comment as guest or Sign in

HTML tags are not allowed

Jun 25, 2020

Jun 25, 2020

Suggested Topics