BS EN ISO 27007:2022

$189.07

Information security, cybersecurity and privacy protection. Guidelines for information security management systems auditing

Published By	Publication Date	Number of Pages
BSI	2022	48

Guaranteed Safe Checkout

Category: BSI

If you have any questions, feel free to reach out to our online customer service team by clicking on the bottom right corner. We’re here to assist you 24/7.
Email:[email protected]

Description

PDF Catalog

PDF Pages	PDF Title
2	undefined
4	European foreword Endorsement notice
7	Foreword
8	Introduction
9	1 Scope 2 Normative references 3 Terms and definitions 4 Principles of auditing 5 Managing an audit programme 5.1 General 5.2 Establishing audit programme objectives
10	5.3 Determining and evaluating audit programme risks and opportunities 5.4 Establishing audit programme 5.4.1 Roles and responsibilities of the individual(s) managing audit programme 5.4.2 Competence of individual(s) managing audit programme 5.4.3 Establishing extent of the audit programme
11	5.4.4 Determining audit programme resources 5.5 Implementing audit programme 5.5.1 General 5.5.2 Defining the objectives, scope and criteria for an individual audit
12	5.5.3 Selecting and determining audit methods 5.5.4 Selecting audit team members 5.5.5 Assigning responsibility for an individual audit to the audit team leader 5.5.6 Managing audit programme results 5.5.7 Managing and maintaining audit programme records
13	5.6 Monitoring audit programme 5.7 Reviewing and improving audit programme 6 Conducting an audit 6.1 General 6.2 Initiating audit 6.2.1 General 6.2.2 Establishing contact with auditee 6.2.3 Determining feasibility of audit 6.3 Preparing audit activities 6.3.1 Performing review of documented information 6.3.2 Audit planning
14	6.3.3 Assigning work to audit team 6.3.4 Preparing documented information for audit 6.4 Conducting audit activities 6.4.1 General 6.4.2 Assigning roles and responsibilities of guides and observers 6.4.3 Conducting opening meeting 6.4.4 Communicating during audit 6.4.5 Audit information availability and access 6.4.6 Reviewing document information while conducting audit
15	6.4.7 Collecting and verifying information 6.4.8 Generating audit findings 6.4.9 Determining audit conclusions 6.4.10 Conducting closing meeting 6.5 Preparing and distributing audit report 6.5.1 Preparing audit report 6.5.2 Distributing audit report 6.6 Completing audit 6.7 Conducting audit follow-up
16	7 Competence and evaluation of auditors 7.1 General 7.2 Determining auditor competence 7.2.1 General 7.2.2 Personal behaviour 7.2.3 Knowledge and skills
17	7.2.4 Achieving auditor competence 7.2.5 Achieving audit team leader competence 7.3 Establishing auditor evaluation criteria 7.4 Selecting appropriate auditor evaluation method 7.5 Conducting auditor evaluation 7.6 Maintaining and improving auditor competence
18	Annex A (informative) Guidance for ISMS auditing practice
47	Bibliography

Additional information

Status	Definitive
Title	Information security, cybersecurity and privacy protection. Guidelines for information security management systems auditing
Corrects	BS ISO/IEC 27007:2020
Replaces	BS ISO/IEC 27007:2017
Publisher	BSI
Committee	IST/33
Pages	48
Publication Date	2022-06-10
ISBN	978 0 539 18403 7
Standard Number	BS EN ISO 27007:2022
Identical National Standard Of	ISO/IEC 27007:2020, EN ISO 27007:2022
Descriptors	Quality auditing, Data security, Computers, Anti-burglar measures, Computer networks, Management, Personnel, Data storage protection, Auditors, Records (documents), Information exchange, Training, Documents, Data processing
ICS Codes	35.030 - IT Security

Preview PDF


PDF Format	Searchable	Printable	Preview Now

BS EN ISO 27007:2022

PDF Catalog

Related products