Professional Documents
Culture Documents
DP1/DP2/DP3
Sources:
Interview,
Documented
Information,
Observed/Seen
No. Clause Annex A Clauses Auditee
16
7.5 Document Controller Sampling
Lead Auditor/Management
Rep./ Process Owners Sampling
Top
Management/Management
23 Rep. Interview Sampling
.
*Note: Triangulation of evidence requires 3 data ponts (sources) pinpointing
to the same audit finding
Evaluation Result
Question/Request (C/NC/OFI/Inconclusive)
Pls. describe the external/internal issues
relevant
Pls. statetothe
theinterested
ISMS. parties (internal
and external), including their needs and
expectations
Pls. show which of these needs and
expectations becomes its compliance
obligation
Pls. show the documented scope of your
ISMS(scope statement) Statement of
Applicability (controlled doc)
Audit the company's ISMS for
conformance
Pls. describe how you demonstrate the
leadership & commitment with respect
to the ISMS(a paragraph to cover a) to
h) (canshow
Pls. be read
theas ainformation
script) security
Policy of Company.(signed information
security policy)
Pls. describe your information security
Policy.