ISO 27001 Stage 1 and Stage 2 audit
Assign topic to the user
Answer: ISO 27001 Stage 1 certification audit is also called "Documentation review" - the auditor will evaluate whether you have all the mandatory documentation. You can find the list of mandatory documents in this blog post: List of mandatory documents required by ISO 27001
What is the difference in stage 1 and stage 2?
Answer: The main difference is that Stage 1 is rather theoretical (it is about reading documents), whereas Stage 2 is very practical - this is where the auditor goes around your company, speaks to your employees, looks for logs and other records, observes the effectiveness of your safeguards, etc. Learn more about it in this webinar: ISO 27001/ISO 22301: The certification process
Comment as guest or Sign in
Jan 12, 2016