ISO 27001 Clause 9.2 Internal audit
Activity ISO 27001 Clause 9.2 Internal audit, The organization conducts internal audits to supply information on conformity of the ISMS to the wants. Implementation Guideline Evaluating an ISMS at planned intervals by means of internal audits provides assurance of the status of the ISMS to top management. Auditing is characterized by variety of principles: integrity; fair presentation; due professional care; confidentiality; independence; and evidence-based approach (see ISO 19011 ). Internal audits provide information on whether the ISMS conform to the organization’s own requirements for its ISMS also on the wants in ISO/IEC 27001. Related Products: – ISO 27001 Lead Auditor Training & Certification The organization’s own requirements include: Requirements stated within the information security policy and procedures; Requirements produced by the framework for setting Information security objectives , including outcome...