Expert Advice Community

Guest

How ISMS internal audit varies from a normal cyber security audit

  Quote
Guest
Guest2 Created:   Jun 04, 2020 Last commented:   Jun 04, 2020

How ISMS internal audit varies from a normal cyber security audit

In regards to ISO27001 clause 9.2 and 9.3 

An organisation is conducting annual audit of their cyber security environment as a best practice, how an ISMS internal audit varies from normal audit. 

 

Assign topic to the user

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

Expert
Rhand Leal Jun 04, 2020

The main difference between a cybersecurity audit and an ISMS audit is that an ISMS audit covers the management requirements of the ISMS standard (clauses on sections 4 to 10), and applicable controls from Annex A that may cover controls not normally applicable to cybersecurity, like information classification, protection of intellectual property, physical access, etc.

These articles will provide you a further explanation about cybersecurity and audit:

These materials will also help you regarding audit:

Quote
0 0

Comment as guest or Sign in

HTML tags are not allowed

Jun 04, 2020

Jun 04, 2020