
Closing Meeting PPT Sample ISO27001

This document summarizes the closing meeting for the Stage 2 Audit of CyberSecurityGuide Group to the ISO 27001:2013 standard. The auditors thanked management and auditees for their cooperation and participation. Noteworthy efforts included effective ISMS documentation, trainings, vulnerability testing, and internal audits. The scope of certification covers IT services at the corporate office and disaster recovery center. Two non-conformities and three opportunities for improvement were found. Confidentiality of audit findings was assured. An appeals procedure was outlined. The auditors recommended CyberSecurityGuide Group for ISMS certification.

Uploaded by Varinder Kumar

Closing Meeting

Stage 2 Audit
ISO 27001:2013
Sample Audit Report ISO 27001
www.cybersecurityguide.in
Varinder Kumar
CISA, LA 27001, CEH, CCE, MBA

@cyber24x7

Management Appreciation

• Thanks to the Management of CyberSecurityGuide for
  • Providing <The Auditing Company> an opportunity to be your service partner
  • Providing full co-operation and facilities for audit
  • Arranging the auditees and guides as per audit schedule

Auditee Team Appreciation

• Thanks to the auditees for
  • Open participation
  • Active participation of the teams resulting in synergy
  • Availability as per audit plan, ensuring timely completion
  • Transparency and sharing of evidence for conclusion of the control validation
  • Receptiveness during audit
  • Efficient information provision

Noteworthy Efforts

• ISMS Framework Documentation
• Regular ISMS Trainings
• Planned VAPT exercises with in-depth coverage of assets and closure of identified vulnerabilities
• Information Security Project Management to measure security risks during implementation of the technology stack
• Effectiveness of IT controls is tracked during internal audits
• Effective cross-functional Internal Audits across the organization with certified internal auditors

Scope of Certification

• The management of information security applies to IT Data Centre, IT Infrastructure and SAP applications of CyberSecurityGuide Group located at the Corporate Office, Bangalore, providing IT services like Server Management, Network devices management, SAP Applications & Database Management, IT Security and Helpdesk Management and Business Continuity Planning and Disaster Recovery services at Disaster recovery centre located at Chennai.

This is in accordance with the Statement of Applicability V7.0 dated 7th April, 1983

Assessment Criteria

• ISO 27001:2013
• Applicable legal and other requirements
• CyberSecurityGuide Group's own requirements
• Interested parties' requirements

Assessment Team

• Team Leader: Varinder Kumar
• Team Member: Akash Singal
• Team Member: Narendera Modi

Disclaimer

Please do not consider these findings as Performance Indicators of

• An individual
• A Department / Process / Account / Contractual engagement

Reason

• This is a sample-based audit, so "Sampling Limitations" exist. Audit outcomes are based on the sample selected by the auditor.
• Compliance does not equal security or continuity or resilience, but non-compliance equals risk.
• Auditors perform their duty without any prejudices against anyone and there are no targets set for auditors to raise non-compliances.

Audit Findings

Summary of Findings

• No Major deviations found during assessment
• Findings recorded are
  • Opportunities for Improvement – 3
  • Non-Conformities – 2

Audit Result

We are pleased to recommend the CyberSecurityGuide Group for ISMS certification.

Confidentiality

• Audit Findings, Records, Audit Notes, etc. shall not be divulged to any third party.
• No sensitive information is collected or recorded by auditors.
• All Auditors have signed an NDA with <The Auditing Company>
• <The Auditing Company> has signed an NDA with your organization
• We are governed by Accreditation Boards & Statutory / Regulatory Authorities, and if there is any requirement, then we will obtain written permission from your management prior to providing any information.

Appeals Procedure

• Appeals procedure against audit decision
  • Independent review of audit report
  • Non-conformities, if found unjust, are revoked

Thank You
