The ISO Review Podcast

Guidance for Improving your Internal Audits For an Information Security Management System

November 01, 2022 Jim Moran / Howard Fox Season 1 Episode 8

Welcome to the ISO Review Podcast 

In this episode, Howard and Jim discuss guidance for improving your internal audits for an Information Security Management System.

Highlights include:

  • Does the information security auditor have the proper security clearance to access documented information?
  • Personally Identifiable Information, or other sensitive information, must be handled properly according to any legal requirements that the organization might have.
  • Companies that outsource their internal audit activities need to ensure that the outsourced auditor is vetted to make sure they can view sensitive information.
  • The lead auditor needs to determine the extent to which evidence that's not available to the audit team during the audit affects the confidence in the audit findings.
  • The auditor needs to verify that any documentation required by the audit criteria is going to be available and that controls have been put in place by the organization that they're auditing.
  • The introduction of Annex A and the Statement of Applicability (SOA) as described in ISO 27002:2022.


In The Next Episode

Howard & Jim will review the changes in the new edition of ISO 27001:2022.


Next Steps

Click here to discover more information about the International Management System Institute on our website and to sign up for our newsletter.

Click here to visit the SimplifyISO website to discover how our cloud-based management system will satisfy all the Standards requirements, client requirements, and any other ISO requirements that you have to meet.


More about Jim on LinkedIn & YouTube

LinkedIn: https://www.linkedin.com/in/simplifyiso/

LinkedIn Articles: https://www.linkedin.com/in/simplifyiso/detail/recent-activity/posts/

YouTube: https://www.youtube.com/channel/UCrt2Hgj-5AjHKEvyf2ssZ8g


More about Howard

Click here to learn more about the Coaching and Podcast Services provided by Fox Coaching, inc.

LinkedIn: https://www.linkedin.com/in/foxcoachinginc/
