Internal Audit Questions
1. On the first management review meeting should we discuss about the Internal Audit
2. Should the project manager gather all pieces of information during the project implementation
Assign topic to the user
ISO 27001 DOCUMENTATION TOOLKIT
Step-by-step implementation for smaller companies.
Find out more 
ISO 27001 DOCUMENTATION TOOLKIT
Step-by-step implementation for smaller companies.
Find out more
ISO 27001 DOCUMENTATION TOOLKIT
Step-by-step implementation for smaller companies.
Find out more
1. On the first management review meeting should we discuss about the Internal Audit
Results of performed internal audits are mandatory inputs to be discussed in the management review.
For further information, see:
- Why is management review important for ISO 27001 and ISO 22301? https://advisera.com/27001academy/blog/2014/03/03/why-is-management-review-important-for-iso-27001-and-iso-22301/
2. Should the project manager gather all pieces of information during the project implementation
The project manager is responsible to ensure that information needed for the ISMS implementation is identified and gathered by the information owners (e.g., department heads, process owners, users, etc.).
Please note that the project manager has a coordinator role regarding tasks to be performed in the ISMS implementation project.
For further information, see:
- RACI matrix for ISO 27001 implementation project https://advisera.com/27001academy/blog/2018/11/05/raci-matrix-for-iso-27001-implementation-project/
Comment as guest or Sign in
Sep 01, 2022