1. I purchased your Risk Assessment Table and Risk Treatment Table. I have completed this phase of the planning for our ISO Certification. Now, once I have filled out the excel Spreadsheets does that count as my "Risk Report" for purposes of satisfying the mandatory document for Certification audit?
My next step is the SOA correct?
2. What course do you recommend so I can be prepared to do an internal audit and improvement for the ISMS for my company?