No matter how well prepared your ISMS, risk owners and IT staff, the audit process can be a daunting one. With auditors able to question anyone within the organization this pocket guide offers a well tried and tested briefing that can be issued to all staff to help prepare them just in case they are approached by the auditor.

This pocket book explains what an ISO 27001 assessment is, why organisations bother with them, and what individual staff should do and, perhaps as importantly, not do if an auditor chooses to question them.
pocket guide explains in clear, plain-English:

Why information security is important
What happens during an assessment
What to consider when answering an auditor’s questions
What happens when an auditor finds something wrong
Your policies and how to prepare
Further information: who to ask
And finally there is an appendix explaining some of the terms used in this pocket book.
With the IT Governance brand behind it, this guide brings the authority of external, recognised expertise and helps underline the message that information security is important. A small investment here is another indicator of management’s commitment to both information security and achieving ISO 27001 certification.

This pocket book is the perfect tool to train everybody inside your organisation to play their part in your ISO 27001 assessment.