Internal audit frequency
Assign topic to the user
Answer:
ISO 27001 does not prescribes frequency to perform internal audits, but requires that audits mus be planned considering the importance of the processes involved and the results of previous audits. For a certified ISO 27001 ISMS you have to ensure all elements in the scope are internally audited at least once during the certification period (three years).
This article will provide you further explanation about planning internal audits:
- How to prepare for an ISO 27001 internal audit https://advisera.com/27001academy/blog/2016/07/11/how-to-prepare-for-an-iso-27001-internal-audit/
These materials will also help you regarding internal audits:
- ISO Internal Audit: A Plain English Guide https://advisera.com/books/iso-internal-audit-plain-english-guide/
- ISO 27001:2013 Internal Auditor Course https://advisera.com/training/iso-27001-internal-auditor-course/
Comment as guest or Sign in
Apr 02, 2019