Navigation:


DISCUSSIONS > IT AUDITING [ REFRESH ]
Thread Title: List of relevant IT legislation
Created On Thursday August 08, 2013 6:00 AM
  List of relevant IT legislation


LauraAnn


Posts: 1
Joined: Aug 2013

Thursday August 08, 2013 6:00 AM

User is offline View users profile View thread in raw text format

Our IT department was recently audited for ISO27001. As their internal auditors, we were interviewed about our processes, and the assessor noted that we do not maintain a list of relevant legislation. As qualified, practicing IT auditors I had assumed we were aware of the legal and regulatory framework without needing a list! But maybe this could be helpful, and in any case we will need to do this to clear the point the auditor raised - so before I start making the list I thought I would ask if anyone has done this, and how you make it useful, rather than just being something you put away until the next ISO audit.
Thanks
Laura

Reply
Quote
Top
Bottom

DISCUSSIONS > IT AUDITING [ REFRESH ]
The Institute of Internal Auditors • 247 Maitland Avenue Altamonte Springs, FL. 32701-4201 USA
+1-407-937-1100 • FAX +1-407-937-1101 • www.theiia.org