In a third-party accredited certification audit against any management system standard, the auditor can ask anyone questions. This is even more likely in an audit against the information security management system standard, ISO 27001, so you are advised to pay particular attention to this section.

There are some basic ‘ground rules’:

• First and foremost, remember that you are not ‘on trial’, under examination or on oath. This is not an inquisition! The auditor is testing the system, not your knowledge. You must, however, know where the procedures are and use the correct forms, at the correct issue level.

• Remember that the auditors are impartial and try to be fair at all times. Your organisation ...
