Save 20% on accredited ISO 27001 course exams.
Limited-time offer – ends July 18, 2024
Use promo code:
EXAM20

Expert Advice Community

Guest

Gap analysis questionnaire

  Quote
Guest
Guest user Created:   May 24, 2019 Last commented:   May 24, 2019

Gap analysis questionnaire

I'm in need of a checklist that will help my software development company to prepare for the ISO 27001, my logic is that if i know all the questions asked by the auditor in a external audit, i can ask myself the same questions and see if my team is ready. May I request your advise in getting the in depth questions i need to ask the IT Team, HR Team, Finance Team, QA Team, Architecture, The Development Team , Network Team, Design Team, Cloud Support Team, Application Support Team. Are the checklist that i can use as the basis of asking them and myself to prepare for this?
0 0

Assign topic to the user

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

Expert
Rhand Leal May 24, 2019

Answer:

For a quick and initial diagnosis of your company readiness for ISO 27001, I suggest you our ISO 27001 Gap Analysis Tool at this link: https://advisera.com/27001academy/free-iso-27001-gap-analysis-tool/

It has a simple question-and-answer format that allows you to visualize which specific elements of an information security management system you’ve already implemented, and what you still need to do.

For a more complete view of what an auditor would look for, I suggest you to take a look at the free demo of our Internal Audit Checklist: https://advisera.com/27001academy/documentation/internal-audit-checklist/

For each clause or control from the standard the checklist provides one or more questions which should be asked during the audit in order to verify the implementation.

Regarding in-depth questions, they are most related to technical competencies and daily operational practices, and to have an insight for them I suggest you our security awareness program: https://advisera.com/training/awareness-session/security-awareness-training/
It has a set of short videos to educate your employees about simple techniques for protecting company information

Quote
0 0

Comment as guest or Sign in

HTML tags are not allowed

May 24, 2019

May 24, 2019

Suggested Topics

Guest user Created:   Feb 10, 2021 ISO 27001 & 22301
Replies: 1
0 0

ISO 27001 certificate

Guest user Created:   Nov 26, 2018 ISO 27001 & 22301
Replies: 1
0 0

Performing Gap Analysis

Guest user Created:   Apr 26, 2018 ISO 27001 & 22301
Replies: 1
0 0

Compliance questionnaire