More than just a checklist: With our ISO 27001 guide, we provide valuable impulses for your internal audits. Register now and receive the audit guide "ISO 27001 in practice - Annex A" free of charge.

Read in our guideline

  • Selected measures: Brief summary of systemic and organizational measures (A5 to A8 and A15 to A18).
  • Good audit questions: Sample audit questions based on ISO/IEC 27002, which you should adapt depending on the situation in your organization
  • Evidence, implementation examples, and metrics: Possible evidence, implementation examples, and sample metrics for your guidance on how to respond to questions in the audit

About the content

A well-structured information security management system according to ISO 27001 is the basis for the effective implementation of a holistic information security strategy. The implementation of the measures (controls) in Annex A of the standard is particularly valuable in practice.

Our experts have supplemented this already very practice-oriented Annex A with audit questions, suitable evidence and exemplary key figures for selected measures. Internal auditors can thus specifically check whether and how certain measures have been implemented within their organization and identify any need for action.

How to get to the White Paper

First you need to register. Please use the form on this page.
After registration, you will receive an email from us asking you to confirm your email address. Please note: We cannot send you the White Paper without confirmation.
After confirming your email address, we will send you the White Paper.