Implementation of the controls before audit
We are in the middle of the development of the ISO 27001 system and are pressed for time with the certification audit coming up soon. Do all identified controls
Assign topic to the user
If you go for the certification audit, you should have most of your controls implemented, and make sure that controls that mitigate the biggest risks are fully implemented.
In other words, you can leave only a smaller number of less significant controls to be implemented after the certification. In such a case, you have to ask risk owners to accept the residual risks.
This article will provide you a further explanation about certification:
- Which questions will the ISO 27001 certification auditor ask? https://advisera.com/27001academy/blog/2015/07/20/which-questions-will-the-iso-27001-certification-auditor-ask/
This material will also help you regarding certification:
- ISO 27001/ISO 22301: The certification process [free webinar on demand] https://advisera.com/27001academy/webinar/iso-27001iso-22301-certification-process-free-webinar-demand/
Comment as guest or Sign in
Jun 18, 2020