ISO 27001 - Auditing an Information Security Management System. What Specific Guidance is Available?

Show Notes

Welcome to the ISO Review Podcast

In this episode, Howard and Jim continue their conversation about ISO 27001, Information Security Management System (ISMS) to Manage Cyber Attacks, and unpack what specific guidance is available on how to perform an internal audit.

Highlights

Jim talks about the creation of the ISO 27007, Information Security, Cyber Security, and Privacy Protection, released in 2020, which provide guidelines for information security management systems auditing.

Audit Takeaways 

1.  Are we getting the results we want?
2.  Are we managing risks related to this activity?
3.  Is there anything the auditee can think of that would help make their life better relative to the safety we want to have around information security? 

Future Episode Idea

• How to become a Certified Lead Auditor.
• Who is the body that certifies lead auditors.
• What are the courses that need to be taken.  
• What experience does a prospective auditor need to have. 

Next Steps

Click here to discover more information about the International Management System Institute on our website and to sign up for our newsletter.

Click here to visit the SimplifyISO website to discover how our cloud-based management system will satisfy all the Standards requirements, client requirements, any any other ISO requirements that you have to meet.

Click here to learn more about Management System Implementation Training Courses available at The Learning Alliance.

More about Jim on LinkedIn & YouTube

LinkedIn: https://www.linkedin.com/in/simplifyiso/

LinkedIn Articles: https://www.linkedin.com/in/simplifyiso/detail/recent-activity/posts/

YouTube: https://www.youtube.com/channel/UCrt2Hgj-5AjHKEvyf2ssZ8g

More about Howard

Click here to learn more about the Coaching and Podcast Services provided by Fox Coaching, inc.

LinkedIn: https://www.linkedin.com/in/foxcoachinginc/