Are You Ready for an ISMS Audit Based on ISO/IEC 27001?
This guide is for organizations wishing to carry out an internal assessment of their information security management system (ISMS) against the requirements in ISO/IEC 27001:2005, either as a precursor to an internal ISMS audit or in preparation for a formal third-party ISMS certification.