How can an organisation conduct internal audits on an ISMS to comply with ISO 27001?

Your organisation should aim to conduct internal audits on the mandatory clauses of the Standard, Annex A controls, other relevant controls, and your own organisational processes that support the implementation of your ISMS.  The Standard promotes the use of a risk-based approach to auditing, i.e., the areas that are likely to suffer the greatest impact of a risk or is the most vulnerable should be prioritised.  You should aim to have completed an audit on every element of your organisation at least once over a 3 year period.

No items found.
"
I found the course very informative, and the trainer was communicative, supportive and engaging. He is very skilled at adapting to the different types of people and transferring knowledge in a way that sticks with attendees; he delivered the same training over 2 years ago and I still remember the things he taught us. We will definitely be recommending him to other businesses that want to learn about ISO standards. Definitely a great asset to the company.
contact US

Let us help you

Let us help you in your compliance journey by completing the form and letting us know how we can best support you.