I’m assuming your question is about a certification audit.
Considering that, to successfully clear a certification audit you need to implement the Information Security Management System according to ISO 27001 requirements, which involves:
- getting management buy-in for the project;
- defining ISMS basic framework (e.g., scope, objectives, organizational structure), by understanding organizational and requirements of interested parties;
- development of risk assessment and treatment methodology;
- perform a risk assessment and define a risk treatment plan;
- controls implementation (e.g., policies and procedures documentation, acquisitions, etc.);
- people training and awareness;
- controls operation;
- performance monitoring and measurement;
- perform internal audit;
- perform management critical review; and
- address nonconformities, corrective actions, and opportunities for improvement.
This article will provide you a further explanation about ISMS implementation:
About required documents, please see this article:
To see how documents compliant with ISO 27001 looks like, please take a look at the free demo of our ISO 27001 Documentation Toolkit: https://advisera.com/27001academy/iso-27001-documentation-toolkit/