ISO/IEC 27001:2013 Question Set
This download includes the ISO 27001 mandatory requirements and mapped questions that you can use to internally audit your organisation.
ISO 27001 (ISO/IEC 27001:2013) is the international standard that provides the specification for an information security management system (ISMS). The latest version was published in October 2013.
This standard has been licensed from Standards Australian License No. CL 12206cl for use internally in the 6clicks platform only. This content is made available on a view only basis for the purpose of linking to questions (in an Assessment) and controls (in a Control Set). Use or reproduction of this content outside of the 6clicks platform must be in accordance with your own Standards Australia Licence.
The Standard is designed to help organisations manage their information security processes in line with international best practice while optimising costs. It is technology and vendor neutral and is applicable to all organisations - irrespective of their size, type or nature.
The Standard takes a risk-based approach to information security, requiring organisations to identify threats to their organisation and select appropriate controls to tackle them.
The mandatory requirements are outlined in sections 4-10 of the Standard. There are 27 clauses in total, each with multiple sub-requirements, and are summarised below.
4 Context of the organisation
9 Performance evaluation
Getting StartedEnter your getting started instructions here