You're reading from Mastering Information Security Compliance Management A comprehensive handbook on ISO/IEC 27001:2022 compliance

Product type Paperback

Published in Aug 2023

Publisher Packt

ISBN-13 9781803231174

Length 236 pages

Edition 1st Edition

Concepts

Information Security

Authors (2):

Greeshma M. R.

Adarsh Nair

View More author details

Table of Contents (19) Chapters

Preface

1. Part 1: Setting the Stage – Definitions, Concepts, Principles, Standards, and Certifications

2. Chapter 1: Foundations, Standards, and Principles of Information Security FREE CHAPTER

3. Chapter 2: Introduction to ISO 27001

4. Part 2: The Protection Strategy – ISO/IEC 27001/02 Design and Implementation

5. Chapter 3: ISMS Controls

6. Chapter 4: Risk Management

7. Chapter 5: ISMS – Phases of Implementation

8. Chapter 6: Information Security Incident Management

9. Chapter 7: Case Studies – Certification, SoA, and Incident Management

10. Part 3: How to Sustain – Monitoring and Measurement

11. Chapter 8: Audit Principles, Concepts, and Planning

12. Chapter 9: Performing an Audit

13. Chapter 10: Audit Reporting, Follow-Up, and Strategies for Continual Improvement

14. Chapter 11: Auditor Competence and Evaluation

15. Chapter 12: Case Studies – Audit Planning, Reporting Nonconformities, and Audit Reporting

16. Index

Why subscribe?

17. Other Books You May Enjoy

Appendix – Terms and Definitions

Conducting audit activities

The steps in the process of conducting an audit are elaborated on as follows. There are no rules to adhering to this sequence but it can be tweaked according to the characteristics of specific audits:

Assigning roles and responsibilities to guides and observers: The presence of guides and/or observers is agreed upon by the audit team and auditee, following which they may accompany the audit team. They do not form part of the decisions during the audit and the audit team leader is the ultimate decision-maker who can at any point in time discontinue guides/observers if they interfere with audit activities. Guides usually help the audit team members arrange interviews with specific personnel, access specific locations in the organization, abide by the organizational rules of health, safety, or access, or make any general clarifications.
Conducting the opening meeting: The main purpose of the opening meeting is to discuss the audit plan and arrangements...

The rest of the chapter is locked

You're reading from Mastering Information Security Compliance Management A comprehensive handbook on ISO/IEC 27001:2022 compliance

Table of Contents (19) Chapters

Conducting audit activities

Unlock this book and the full library FREE for 7 days

Authors (2)

Personalised recommendations for you