Whilst ISO 19011 is not mandatory, it is recommended that auditors align to this guidance where appropriate to the specific needs and requirements of their audit programme. Additional standards relevant to ISO 27001 may also be used when auditing individual elements of your ISMS:
- ISO 27007:2020 provides guidance on ISMS auditing and concentrates on Clauses 4-10 of the Standard
- ISO 27008:2019 provides guidance for the assessment of information security controls (Annex A of the Standard).
related BLog
No items found.
"
On our path of growing our business, we have found in URM a very capable and knowledgeable consultancy firm to guide and structure our processes towards SOC 2 compliance. The consultancy by URM played an essential role in building our competences and expanding the compliance framework for our SaaS based propositions.
contact US
Let us help you
Let us help you in your compliance journey by completing the form and letting us know how we can best support you.