ISO 27001:2022. How to prepare for a certification audit

The ISO 27001:2022 certification is an internationally recognized standard for establishing, implementing, maintaining, and continuously improving an information security management system (ISMS). This course is designed to provide participants with the knowledge and skills necessary to effectively prepare for a certification audit according to the ISO 27001:2022 standard. The course will cover essential tasks that need to be addressed Before, During, and After the certification audit process.

Course Outline:

0. General information about audits

1. Before the audit

1. Choose a certification body
2. Review a non-disclosure agreement (NDA)
3. Request and check the audit plan in advance
4. Conduct a brief self-assessment
5. Check the mandatory ISMS documents
6. Prepare and send documents to the lead auditors
7. Take care of the auditors
8. Strengthen the motivation of employees
9. Hold an internal briefing meeting
10. Send a reminder to employees
11. Train your employees to avoid common mistakes
12. Prepare a detailed presentation about the company and the ISMS
13. Check again that the clear desk and clear screen policy is followed by employees
14. Print the most important documents

2. During the audit

1. Invite top management to the meetings
2. Adhere to high standards of communication
3. Hold a meeting with the ISMS team after each audit day
4. Take notes during the audit

3. After the audit

1. Check the audit report
2. Plan for improvements and corrective actions
3. Check the certificate
4. Discuss the results and thank the team

Join this course to gain the knowledge and skills necessary to successfully prepare for an ISO 27001:2022 certification audit and establish a robust information security management system within your organization.

!This is important! This course is not about how to implement an ISMS, but how to prepare for the certification audit when the ISMS is already implemented.