Quantity and quality of ISO 27001 documentation for certification audit
Assign topic to the user
The certification process is performed in 2 stages: Stage 1 audit, also called Document review where your documentation is checked against the standard, and Stage 2 audit, also called Main audit which is performed onsite.
In Stage 1 audit your documentation is checked whether it is compliant with the standard - quantity is not so important as quality because for example smaller companies will have fewer documents but they still need to be compliant with the standard and appropriate for company needs.
However the most important is Stage 2 audit - this is where the auditor will check whether your company performs all the activities that are written in your documents. This means that you may have high-quality documents, but if you don't act accordingly, you will still fail the audit.
Read more here: Becoming ISO 27001 certified - How to prepare for certification audit https://advisera.com/27001academy/iso-27001-certification/
Comment as guest or Sign in
Jan 12, 2016