
ISO 27001 auditing guideline (iso 27001)

ISMS Auditing Guideline: This guideline provides advice to IT auditors reviewing compliance with the ISO/IEC 27000 family of standards, principally ISO/IEC 27001.

FOR IMMEDIATE RELEASE

 
PRLog (Press Release) - Mar 02, 2010 -
This guideline has been written by members of the ISO27k Implementers' Forum, an international online community of nearly 1,000 practitioners actively using the ISO/IEC 27000-family of Information Security Management Systems (ISMS) standards known colloquially as "ISO27k", and based at ISO27001security.com.   Our primary aim is to contribute to the development of the new standard ISO/IEC 27007 by providing what we, as experienced ISMS implementers and IT/ISMS auditors, believe is worthwhile content.  A secondary aim is to provide a pragmatic and useful guideline for those involved in auditing ISMSs.
At the time of first writing this guideline (February-March 2008), ISO/IEC 27007 is currently at the first Working Draft stage ("ISO/IEC WD 27007") and has been circulated to ISO member bodies for study and comment by March 14th 2008.  Its working title is "Information technology - Security techniques - Guidelines for information security management systems auditing".
The proposed outline structure of ISO/IEC WD 27007 is presently as follows:
•   Foreword and introduction
1.   Scope
2.   Normative references
3.   Terms and definitions
4.   Principles of auditing
5.   Managing an audit programme
6.   Audit activities
7.   Competence and evaluation of auditors
•   Bibliography
In the proposed structure, section 6 should presumably explain how to go about auditing an ISMS.  The current working draft has headings for a guide to the audit process but little content on the actual audit tests to be performed, although in section 6.3.1 it identifies a list of items that are required by ISO/IEC 27001 and says that "Auditors should check that all these documents exist and conform to the requirements in ISO/IEC 27001:2005".  This is probably the most basic type of ISMS audit test: are the specified ISMS documents present?  We feel that a generic ISMS audit checklist (often called an "Internal Controls Questionnaire" by IT auditors) would be a very useful addition to the standard and producing one was a key aim of this guideline – in fact we have produced two (see the appendices).  We also aim to contribute content to various other parts of the draft 27007 and hope to track its development through future revisions.
This guideline follows the present structure and section numbering of ISO/IEC WD 27007 for convenient cross-referencing.


# # #

Ava consultant
ISO management systems:
iso 9001:2008
iso 14001:2004
iso18001:2007
iso/ts 16949
iso 22000
etc

--- end ---


Contact Email:
***@avaconsultant.com Email Verified
Source:azharudin
Phone:62 21 7316298
Fax:62 21 7316298
Address:Jl. KH Hasyim Azhari no.8 karang tengah ciledug
:tangerang
Zip:15224
City/Town:Tangerang
State/Province:Banten
Country:Indonesia
Industry:Software, It, Computer
Tags: konsultant
Last Updated:Mar 02, 2010
Shortcut:http://prlog.org/10556600