It depends on what you're auditing. To (internally) audit an ISMS, you have to have a) audit scope and b) audit criteria. Did you have any training on auditing? Didn't the instructor cover this during training? You could find a checklist, but then, and most importantly, it would end up being like fitting a square peg into a round hole...
This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
By continuing to use this site, you are consenting to the use of cookies.