What we have learnt from ISO27001 Stage One Audit

Posted on

We had our ISO27001 Stage One Audit on August 10, 2021.

The Stage one audit has helped us to identify in which areas we have to improve/comply with, determine what we need to do to meet the expected outcomes. These improvements are as follow:

· Clause 9.3 Management Review Meeting, Senior Leadership Team (SLT) has to discuss the considerations of changes in external and internal issues that are relevant to the information security management system, follow up to fulfill the information security objectives, and feedback from interested parties during SLT meeting.

· Changing ISMS scope, SLT has decided to remove UK and India offices from the scope and to accept the risk. Risk acceptance in ISO language is to accept the risk when the costs would be higher than the impact itself.
We have officially passed Stage One and are getting ready for Stage Two audit that will happen on October 11th.