Q:

What kind of ISO 27001 audit is the standard one to be certified?

What kind of ISO 27001 audit is the standard one to be certified? Internal, surveillance or stage 1 & 2?

All Replies


  • To go for an ISO audit – we need to have an internal audit done prior to commencing the external audit as it is an ISO 27001 requirement. This needs to be conducted by someone who has ISO experience and we have experienced PS resources who can help execute this.

    Additionally, ISO audits are done in a 3-year cycle: in the first year the external ISO auditor will look at all ISO controls and provide you with the certification. In year 2 & year 3, they do surveillance audits where they go through a subset of ISO controls for review. All of these audits contain stage 1 and stage 2 as part of the review.
