Guest user Created: May 19, 2020 Last commented: May 19, 2020

Surveillance audit

We'll have the first surveillance audit in the next 3 months. Finished our Internal Audit a month ago. I just join the team as a Risk&Compliance Manager. How to we prepare for tbe Surv.Audit? I'd like to have an activities plan, kind of a checklist for preparation.

0 0

Assign topic to the user

Select user

Expert

Rhand Leal May 19, 2020

The approach for the surveillance audit is basically the same for a certification audit, the difference being in the fact that in the surveillance not all ISMS scope is audited. Considering that, for the surveillance audit you should check:

the documents required by the ISO 27001 standard and any document that exists in the ISMS
the records used to evidence compliance with the documents (policies, procedures, etc.)
the status of raised internal and external nonconformities, so they are closed, or on schedule before the surveillance audit starts

These articles will provide you a further explanation about preparing for an audit:

Which questions will the ISO 27001 certification auditor ask? https://advisera.com/27001academy/blog/2015/07/20/which-questions-will-the-iso-27001-certification-auditor-ask/
Surveillance visits vs. certification audits https://advisera.com/27001academy/knowledgebase/surveillance-visits-vs-certification-audits/

These materials will also help you regarding preparing for an audit:

Preparing for ISO Certification Audit: A Plain English Guide https://advisera.com/books/preparing-for-iso-certification-audit-plain-english-guide/
ISO Internal Audit: A Plain English Guide https://advisera.com/books/iso-internal-audit-plain-english-guide/
Free online training ISO 27001:2013 Internal Auditor Course https://advisera.com/training/iso-27001-internal-auditor-course/

Quote

0 0

Comment as guest or Sign in

HTML tags are not allowed

Name *

Email *

I accept the Privacy and Terms

Notify me when someone replies

May 19, 2020

Expert Advice Community