Take the ISO 27001 course exam and get the EU GDPR course exam for free
LIMITED-TIME OFFER – VALID UNTIL SEPTEMBER 30, 2021

Expert Advice Community

Guest

How to prepare an audit?

  Quote
Guest
Guest user Created:   Jan 15, 2021 Last commented:   Jan 15, 2021

How to prepare an audit?

How would you approach preparing for an audit taking place in 8 weeks, what would you prioritise, how would you ensure non-conformities are minimised

0 0

Assign topic to the user

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

Expert
Rhand Leal Jan 15, 2021

I’m assuming your question is about an external audit.

Considering that, for the preparation for an audit you should consider these general steps:
- identification of the audit scope (is it the whole scope or only part of it?)
- review of the ISMS documents related to the audit scope (e.g., policies, procedures, and records), considering the main clauses from the standard (from sections 4 to 10), and controls from Annex A stated as applicable in your Statement of Applicability (SoA). 
- review the status of the actions related to the decisions made in the last management review.
- review the status of the raised nonconformities and opportunities for improvement.

Regarding prioritization, you should consider the most relevant risks, and most used controls to identify which points you should check first, or with more attention.

Regarding nonconformities minimization, you should ensure people are aware of their roles, responsibilities, and authorities, and ensure that problems identified in the abovementioned reviews are properly handled (e.g., records are created, policies and procedures are updated, and corrective actions are on date).

These materials will also help you regarding audit:
- What to expect at the ISO certification audit: What the auditor can and cannot do (PDF) https://info.advisera.com/free-download/what-to-expect-at-the-iso-certification-audit?_gl=1*1dvw82w*_ga*MTMyMzMxODY0OS4xNjA2NjAxMDQ0*_ga_4P5GYSBRB2*MTYxMDY2NzE2MC40OC4xLjE2MTA2NzE3MjMuNTg />- Preparing for ISO Certification Audit: A Plain English Guide https://advisera.com/books/preparing-for-iso-certification-audit-plain-english-guide/
- ISO Internal Audit: A Plain English Guide https://advisera.com/books/iso-internal-audit-plain-english-guide/
- Free online training ISO 27001:2013 Internal Auditor Course https://training.advisera.com/se/iso-14001-internal-auditor-course/o-27001-internal-auditor-course/

Quote
0 0
Guest
Daniel Okoturo Jan 15, 2021

Thanks for answering the question. I really appreciate...

Quote
0 0

Comment as guest or Sign in

HTML tags are not allowed

Jan 15, 2021

Jan 15, 2021

Suggested Topics

Guest user Created:   Mar 19, 2021 ISO 27001 & 22301
Replies: 3
0 0

ISO 27001 questions

User guest Created:   Jul 14, 2020 ISO 27001 & 22301
Replies: 2
0 0

ISO 27001 queries

Guest user Created:   May 19, 2020 ISO 27001 & 22301
Replies: 1
0 0

Surveillance audit