• (0)
    ISO-27001-ISO-22301-blog

    Tag: “Internal Audit”

    How to perform an ISO 27001 second-party audit of an outsourced supplier
    To focus on their core business, many organizations rely on outsourced suppliers to perform support processes. While this approach may...
    To focus on their core business, many organizations rely on outsourced suppliers to perform support processes. While this approach may bring benefits like costs savings, and access to expert knowledge and state-of-the-art technology, it can...
    7 ways to improve the internal audits of your ISO 27001 ISMS
    ISO 27001:2013 states that the purpose of the internal audit is to check compliance against both “the organization’s own requirements...
    ISO 27001:2013 states that the purpose of the internal audit is to check compliance against both “the organization’s own requirements … and the requirements of this International Standard.” Aside from being a necessity of the...
    How to prepare for an ISO 27001 internal audit
    Many people simply rush in to prepare a checklist and perform the ISO 27001 internal audit – the sooner this “needless”...
    Many people simply rush in to prepare a checklist and perform the ISO 27001 internal audit – the sooner this “needless” job is done, the better. But, such a rush will only create problems, and make...
    Risk assessment vs. internal audit in ISO 27001 and ISO 22301
    Quite often I see people searching for ISO 27001 or ISO 22301 checklists for performing the internal audit; however, they expect those...
    Quite often I see people searching for ISO 27001 or ISO 22301 checklists for performing the internal audit; however, they expect those checklists to help them with, e.g., which information does the organization have, who has access...
    How to maintain the ISMS after the certification
    If you thought that your job was over after the ISO 27001 certification, you’re wrong – the real job with...
    If you thought that your job was over after the ISO 27001 certification, you’re wrong – the real job with your Information Security Management System (ISMS) has just begun. OK, but where do you start?...
    Major vs. minor nonconformities in the certification audit
    If your company is considering going for the certification, it is always a good thing to know what to expect....
    If your company is considering going for the certification, it is always a good thing to know what to expect. Since nonconformities are one of the most important outcomes of the certification audit (and the...