Guest user Created: Jan 12, 2016 Last commented: Jan 12, 2016

Quantity and quality of ISO 27001 documentation for certification audit

I have a question about certified process ISO 27001. I got the list of documents and register mandatory. However, I want to know your feedback regarding certified process. An certifier could evaluate the quality of these documents and register? Or only he evaluated the completeness and quantity? I always have had this question. The process wants both things?. what should I have in consideration for this process?

0 0

Assign topic to the user

Select user

Guest

DejanK Jan 12, 2016

The certification process is performed in 2 stages: Stage 1 audit, also called Document review where your documentation is checked against the standard, and Stage 2 audit, also called Main audit which is performed onsite.

In Stage 1 audit your documentation is checked whether it is compliant with the standard - quantity is not so important as quality because for example smaller companies will have fewer documents but they still need to be compliant with the standard and appropriate for company needs.

However the most important is Stage 2 audit - this is where the auditor will check whether your company performs all the activities that are written in your documents. This means that you may have high-quality documents, but if you don't act accordingly, you will still fail the audit.

Read more here: Becoming ISO 27001 certified - How to prepare for certification audit https://advisera.com/27001academy/iso-27001-certification/

Quote

0 0

Comment as guest or Sign in

HTML tags are not allowed

Name *

Email *

I accept the Privacy and Terms

Notify me when someone replies

Jan 12, 2016

Expert Advice Community