Description

Howard and Jim chat about ISO 27007 - Guidance for Information Security Management Systems Auditing.

Items discussed include:

• Plan - Do - Check - Act  Approach.
• Getting clients to ask their auditees if the procedure, the way it's been implemented, is getting them the results they want.
• The purpose of auditing is to see if you're getting the results you want.
• Part of the audit is to see if the objectives are really sensible.
• Asking during the audit if there's any possible way the auditees think that procedures, processes, and the implementation could be improved.
• The reocmmended frequency for performing audits.
• Review the competency of the individuals and teams assigned to perform the audit.

During the next episode of the ISO review Podcast, we'll discuss the Statement of Applicability document.

Next Steps

Click here to visit the SimplifyISO website to discover how our cloud-based management system will satisfy all the Standards requirements, client requirements, and any other ISO requirements that you have to meet.

Learn more about Jim on LinkedIn & YouTube

LinkedIn: https://www.linkedin.com/in/simplifyiso/

LinkedIn Articles: https://www.linkedin.com/in/simplifyiso/detail/recent-activity/posts/

YouTube: https://www.youtube.com/channel/UCrt2Hgj-5AjHKEvyf2ssZ8g

Learn more about Howard

Click here to learn more about the Coaching and Podcast Services provided by Fox Coaching, inc.

LinkedIn: https://www.linkedin.com/in/foxcoachinginc/