ISO 27001 Stage 1 & 2 Audits
I have been advised that UKAS rules state, following a Stage 1 audit, the Stage 2 audit must be carried out within 3 months of the Stage 1. Please could you confirm if there is indeed a time limit between the audits, and if so, advise what this time limit is.
Assign topic to the user
The standard ISO 17021, which defines requirements for bodies providing audit and certification of management systems, in its clause 9.3.1.2.4, requires certification bodies to determine an interval between performing stage 1 and stage 2 audits but does not prescribe any specific interval, so the interval is defined according to each accreditation body.
Common practice is an interval between 30 and 90 days.
Comment as guest or Sign in
Sep 29, 2022