The audit process can be a daunting one as an auditor can direct questions at any employee within your organisation. Written in a clear plain style, this pocket guide offers a tried and tested briefing, and should be issuedto staff in advance of the audit to help them prepare for the experienceand be well equipped to answer questions when asked. This pocket book explains what an ISO 27001 assessment is, why organisations bother with them, and what individual staff should do and, perhaps as importantly, not do if an auditor chooses to question them.

• Cover
• Title
• Copyright
• About The Author
• Contents
• Introduction
• Chapter 1: What Are Assessments?
• Chapter 2: Why Information Security?
• Chapter 3: What Actually Happens During An Assessment?
• Chapter 4: Answering Auditors’ Questions
• Chapter 5: What Happens When The Auditor Finds Something Wrong?
• Chapter 6: Policies
• Chapter 7: Further Advice and Assistance
• Appendix 1: Definitions of Terms
• ITG Resources