How to Prepare for an ISO 27001 Audit

If you’re just getting started, the process of getting ready for ISO 27001 certification can be overwhelming.

Completing a risk assessment, building your ISMS, writing policies and implementing controls — it’s difficult to know where to start, and little practical guidance is available for those pursuing ISO 27001 certification for the first time.

We’ve created this section to help you understand best practices so you go into your ISO 27001 audit confidently, and save time and effort along the way.

ISO 27001 Documentation: What’s Required for Compliance?

Find a list of documents you’ll need to prepare ahead of your certification audit.

Explore Resource

ISO 27001 Evidence Collection List for Your Certification Audit

Learn what evidence you’ll need to collect to prove the strength of your security controls to your auditor.

Explore Resource

How to Do an ISO 27001 Risk Assessment

Follow a step-by-step process for completing a risk assessment, plus find resources to simplify and streamline along the way.

Explore Resource

How to Conduct an ISO 27001 Internal Audit

Learn how often you should conduct an internal audit, the steps for completing one, and get an internal audit checklist to guide you through.

Explore Resource

Product

Risk Management

Vendor Security Reviews

Supported Frameworks

Solutions

Top Frameworks

Partner Types

Partner Program

Security and Compliance Resources

Framework Resources

Customer Resources

Company