Planning Your ISO 27001 Audit Programme - INTRO

Planning your ISO 27001 audit programme
WEBINAR: 18 May 2022

When implementing ISO 27001, the International Standard for Information Security Management, organisations must follow a process of continual improvement and assure themselves that the processes and controls they have implemented are working as intended. This is where internal auditing plays an absolutely pivotal role in providing the necessary assurance, and getting the balance right regarding the approach (risk-based, process-based, control-based etc.) and how much auditing is needed to provide that assurance is vital.

Having been involved in over 300 successful ISO 27001 certifications, URM Consulting Services (URM) is ideally placed to advise you on the essential activities and tasks you will need to carry out in order to have an effective ISO 27001 auditing function and programme. URM is delivering a series of webinars where it will address all the key components of a successful internal auditing programme. Following on from the overview webinar i.e., ‘The 6 pillars of success’, this webinar is the second in the series and provides invaluable advice on the critical foundation steps when planning your audit programme.

Agenda:
Establishing and communicating benefits for conducting internal audits, particularly to senior management (in addition to the mandatory ISO 27001 requirement)
Factors to consider (business priorities, customer requirements, legal/regulatory requirements, management system requirements, risks to the organisation)
Audit programme methodology (ways in which you will conduct audits to ensure consistency, deciding on horizontal or vertical approach)
Audit programme scope (e.g., geographic locations, business function area, number and complexity of management systems, staff to be included etc.)
Prioritisation of audits (factoring in key risks to the organisation, requirements of ISO 27001 etc.)
Ongoing management of programme (assigning lead auditor, establishing procedures, determining auditor competence, monitoring programme)
Setting the audit criteria (policies, procedures, requirements etc. against which audit evidence is compared)
Logistical considerations (audit programme reports and inputs, audit reporting templates).

Register to watch full recording.