URM’s blog explores key updates to medical device standards, regulations & guidance documents, helping manufacturers understand what’s coming & how to prepare.

Events

About Us

About URM

Overview

URM Core Values

Certifications

CSR

Testimonials

Partners

Our Partners

Become Partner

Subscribe to our mailing list

Governance, Risk Management and Compliance

Information Security

Internal Audit

FAQ

What are the pitfalls to avoid in conducting ISO 27001 audits?

Some pitfalls to avoid when organising and conducting an ISO 27001 audit include:

Not communicating the scope and criteria effectively enough for the audit and inadequate planning/confirmation with the departments/areas being audited.
Allowing auditees to assume control of the audit, potentially avoiding responses to the questions asked
Not collecting adequate objective evidence to support statements of conformance or nonconformance
Allowing subjectivity to influence audit findings and conclusions - i.e. not being objective
Being poorly prepared and not understanding the policies, clauses or controls that are being audited
Following audit trails that are inconsequential and compromise the ability to conduct the audit in the available timeframe.

Contact Audit Experts Today

related BLog

No items found.

Our URM QSA always consults with the aim of making compliance as straightforward as possible, and pointed us towards a way of significantly minimising and streamlining our assessment scope that neither we nor our previous PCI DSS consultancy provider had considered.

Ambrose Neville

CISO at University of Surrey