Internal audit (Clause 9.2)

- [Instructor] Nobody likes getting audited. It feels like you and your work are being judged and you'll get in trouble for missing even the tiniest detail. But for ISO 27001, audits are an important part of the performance evaluation process. They're designed to improve your organization's information security management system or ISMS. In this video, you'll learn about Clause 9.2 Internal Audit and how audits must be performed to help make your ISMS better. Clause 9.2 requires your organization to conduct regular internal audits. The purpose of these audits is to confirm that your ISMS is being effectively implemented and maintained, conforms with your organization's own requirements for its ISMS, and complies with the requirements of ISO 27001. To successfully conduct internal audits, your organization must plan, establish, implement, and maintain an audit program, define the audit criteria in scope for each audit,…
