The content of this section is written for the ISO27001 – Soon we will add notes and tips for other frameworks as well.
The Audit View section can be used for multiple purposes:
Track progress during implementation; We have a progress bar on the dashboard – where you need to answer questions high level to score your progress along the way. In this Audit view you connect requirements to evidence such as documentation, implementation activities, and improvements – so a very detailed progress overview.
Final check of Statement of Applicability (SoA); In the Statement of Applicability, you will need to indicate if you have documented and have implemented the requirements. In Audit View you can show the evidence of the documentation and the implementation. Please make sure that the SoA is aligned with the Audit view with respect to the applicabilities.
For Internal Audits; In the section templates, you can find the template for the internal audit for ISO 27001 – please use the 2022 version. This is an Excel file where we have defined 385+ criteria for all requirements of ISO 27001. This template is part of the Internal Audit Policy, where we describe the procedure of the Internal process. The Audit View can replace this template in the procedure and it can help you to connect your evidence in the Audit View.
During External Audits; The external auditor is using the same list as Audit View for his audit. So this audit view is the best cheat sheet during the audit. You can even give access to the auditor to this section, so he can during reporting make use of that information for his report.
General information about this section
- Depending on your subscription Audit View has been created for 1 or more frameworks or regulations. Please reach out to us (email@example.com) if need more frameworks or want to upload your own customized list of requirements.
- Every framework/regulation consists of a set of chapters and controls. Only Compleye can make changes to this list. Please reach out to us if you think we have made a mistake or error in the list.
- The audit view consists of the following columns:
Applicability: By default, everything is set to ‘Yes’, you can select the controls that are not applicable to your scope. Please make sure that your SoA is aligned with this view.
Evidence of implementation: Add evidence by making use of the blue +Add evidence, and select first the type of evidence
- OPC’s, Policies & Procedures, Improvements All individual items in these sections that you have created, can be added as evidence and you can re-use the items for multiple controls.
- Others: This can be either a link to a tool or document in your own environment or a link to a section in Compleye Online. Or you can add a screenshot or document. You will need to name this piece of evidence – give a title, so you will recognize what you have added.
Once you have added all the evidence, you have the ability to see all the evidence in 1 overview by clicking on ‘See all evidence’. Every piece of evidence is connected by a hyperlink and will open a new tab. In this overview, you can easily delete evidence by making use of the 3 dots [,,,] on the right side of every piece of evidence.
Or add more evidence by making use of the Blue +Add evidence button.
REAL-TIME AUDIT – Soon available – with defined criteria, we will give a real-time status of the evidence –