Expert Advice Community

ITGC

Guest user Created:   Dec 01, 2018 Last commented:   Dec 01, 2018

1. What are ITGC controls and how are they related to ISO 27001?
Expert
Rhand Leal Dec 01, 2018

Answer:

IT General Controls are controls that are common to IT processes, providing stable and effective operation of application controls. They cover fields like creation / acquisition of systems, SDLC process, access control, backup, change control, etc. ISO 27001 is one way to implement ITGC, providing objectives and, through ISO 27002, detailed implementation guidance.

For more information, please see:
- The basic logic of ISO 27001: How does information security work? https://advisera.com/27001academy/knowledgebase/the-basic-logic-of-iso-27001-how-does-information-security-work/

2. What is the difference between external and internal auditors and, practically, how does an internal auditor assist an external auditor?

Answer:

The internal auditor performs audits on behalf of the organization that owns the management system, while the external auditor performs audits on behalf of an organization's client (second-party auditor) or a certification body (third-party auditor). Normally the internal auditor may act as the guide for the external auditor, providing some general orientation for the performing of the external audit.

These articles will provide you further explanation about auditors:
- How to become ISO 27001 Lead Auditor https://advisera.com/27001academy/knowledgebase/how-to-become-iso-27001-lead-auditor/
- Qualifications for an ISO 27001 Internal Auditor https://advisera.com/27001academy/blog/2015/03/30/qualifications-for-an-iso-27001-internal-auditor/
- First-, Second- & Third-Party Audits, what are the differences? https://advisera.com/9001academy/blog/2015/02/24/first-second-third-party-audits-differences/
