Guest
Performing Gap Analysis
What is the best practice to perform the Gap Analysis and further steps to reduce the gaps? The steps and process to follow.
Assign topic to the user
Expert
Rhand Leal
Nov 26, 2018
Answer:
The best approach is to develop a checklist of which items you need to verify, and which results you have to find to define if there is a gap or not. Based on that approach it is easier to develop action plans to eliminate the gaps.
Regarding ISO 27001, I suggest you to take a look at our free ISO 27001 Gap Analysis Tool at this link: https://advisera.com/27001academy/free-iso-27001-gap-analysis-tool/
It was developed as a simple question-and-answer questionnaire so you can visualize which specific elements of an information security management system are already implemented, and what is still needed to do.
For more information, see:
- How to make an Internal Audit checklist for ISO 27001 / ISO 22301 https://advisera.com/27001academy/knowledgebase/how-to-make-an-internal-audit-checklist-for-iso-27001-iso-22301/
- Practical use of corrective actions for ISO 27001 and ISO 22301 https://advisera.com/27001academy/blog/2013/12/09/practical-use-of-corrective-actions-for-iso-27001-and-iso-22301/
Comment as guest or Sign in
Nov 26, 2018
Nov 26, 2018
Nov 26, 2018