Expert Advice Community

Guest

Internal audit after certification

  Quote
Guest
Guest user Created:   Feb 11, 2020 Last commented:   Feb 11, 2020

Internal audit after certification

Dear Advisera team, greetings. Just some clarification on the topic of the Internal Audits that one needs to do after the certification. Do we need to audit aspects of ISMS on the IA (like Leadership & Commitment (5.1))? I ask because the external auditors on the surveillance audit will for sure check the ISMS level of implementation on the business, but can I just check on annex A controls? What is mandatory (and what would you recommend)? Many thanks in advance.

0 0

Assign topic to the user

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

Expert
Rhand Leal Feb 11, 2020

ISO 27001 requires an internal audit to be performed considering all mandatory requirements from sections 4 to 10 and all controls identified as applicable in the statement of applicability. Considering that, you have to audit section 5.1, regardless of the external auditors will audit this clause.

This article will provide you a further explanation about surveillance audit:

These materials will also help you regarding internal audit:

Quote
0 0

Comment as guest or Sign in

HTML tags are not allowed

Feb 11, 2020

Feb 11, 2020

Suggested Topics