Yes - Clause 9.2 of the Standard makes this requirement explicit. Remember, you must audit to assess whether your ISMS is meeting your own organisational requirements as well as the requirements of the Standard and that it is effectively implemented and maintained.
related BLog
No items found.
"
After a bad experience with a previous provider, we looked to URM for QSA support. The URM QSA we have worked with is phenomenal, and considerably better than our previous QSAs. My team enjoy working with him, and find him to be extremely credible and effective.
CISO at University of Surrey
contact US
Let us help you
Let us help you in your compliance journey by completing the form and letting us know how we can best support you.