Expert Advice Community

Guest

ISO 27001 compliance testing

  Quote
Guest
Guest user Created:   Jun 09, 2020 Last commented:   Jun 09, 2020

ISO 27001 compliance testing

Hi. I wanted to get a high-level view of the types of testing i should do for ISO27001 compliance for a new website being built, and the ball-park cost estimates of the price I should be paying an external organization to do that testing?

0 0

Assign topic to the user

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

Expert
Rhand Leal Jun 09, 2020

The types of tests to be performed will depend on:

  • the requirements defined
  • the results of risk assessment
  • the legal requirements the website must comply with (e.g., GDPR requirements for data owner management of his/her own information)

Broadly speaking, there are basically 3 types of "tests" that can be related to ISO 27001: 

  • vulnerability testing (not mandatory)
  • internal audit (mandatory)
  • certification audit (mandatory only if you need the certificate)

Regarding the cost estimates, the best approach is to request a couple of quotations of companies which provide such tests, so you can make a comparison.

This article will provide you a further explanation about tests:

Quote
0 0

Comment as guest or Sign in

HTML tags are not allowed

Jun 09, 2020

Jun 09, 2020

Suggested Topics

Guest user Created:   Mar 06, 2020 ISO 27001 & 22301
Replies: 1
0 0

Toolkit content