Overview

With the release of ISO/IEC 27001:2022 it’s worthwhile to evaluate how you’re going to audit your revised system against this new Standard. With significant changes to Annex A, there will be new things to assess and new opportunities to improve the effectiveness of your Information Security Management System.

It is important that we look at the guidance in ISO/IEC 27007:2020 when we’re planning our internal audits. The new requirements will affect the audit plan in the area of ‘audit criteria’. Auditors will have to understand the intent of the new requirements in order to draw valid conclusions.

To improve the effectiveness of your internal audits, we’ll take a look at how some of the new requirements may affect the way you approach this important activity.

Key takeaways and learning objectives

• The key steps to auditing your new and improved ISMS
• Carrying out the audit
• Reporting the audit results

Awareness and management of the changes to ISO/IEC 27001:2022 can lead to benefits such as improved worker engagement, enhanced information security and organizational sustainability. Keeping your auditors tuned up and ready for the changes will benefit all Stakeholders and create a better ISMS to help build a stronger defense system for your organization.

Presenter information

Speaker - Jim Moran , Training Instructor,  BSI Group

Host - Caio Cologni, Business Development Manager, BSI Group