Whilst ISO 19011 is not mandatory, it is recommended that auditors align to this guidance where appropriate to the specific needs and requirements of their audit programme. Additional standards relevant to ISO 27001 may also be used when auditing individual elements of your ISMS:
- ISO 27007:2020 provides guidance on ISMS auditing and concentrates on Clauses 4-10 of the Standard
- ISO 27008:2019 provides guidance for the assessment of information security controls (Annex A of the Standard).
related BLog
No items found.
"
From beginning to end URM made achieving PCI compliance incredibly easy & worked with us to educate us on the requirements. They were always available for a call whenever we needed to discuss queries along the way & were always flexible to our internal deadlines. We would highly recommend URM from a consultancy & auditing perspective.
contact US
Let us help you
Let us help you in your compliance journey by completing the form and letting us know how we can best support you.