Performing internal audit as a service
Assign topic to the user
Answer:
The exam for our ISO 27001 Internal Auditor Course does not require an experience in a specific industry - the exam requires you to prove that you have learned the curriculum that was presented in the course.
I understand that your intention is to provide internal audit as a service to your clients, and the point is that you will be much more successful performing this internal audit in the industries where you have experience. On the other hand, for most industries there are no laws or regulations that would prevent you from performing an internal audit in those companies, so if you can convince those companies to use your services, you are free to use that opportunity. In some industries (like banking) there might be regulations which strictly regulate who can perform IT or information security audits.
By the way, you should not mention "third party" phrase in the context of an internal audit, because the phrase "third party audit" means the certification audit performed by certification bodies.
Comment as guest or Sign in
Jun 21, 2016