The ISO / IEC 27001: 2017 checklists in the toolkit are entirely dedicated to the requirements of the standard and the application of the security controls provided for in ANNEX A.

They allow the collection of valuable information not only relating to the compliance of the management system and the verification of the application of information security controls in the company but also to its adequacy.

The usefulness of the checklists is found mainly on the occasion:

  • The preliminary analysis of the organization’s information security
  • The development of the management system to promptly verify the application of each requirement
  • The internal audit aimed at ascertaining the compliance of the system applied to the ISO 27001:2017 standard
    focusing attention:

    • on the actual implementation of the ISO / IEC 27001:2017 regulatory requirements
    • on the effective application of the controls provided for by Annex A of the standard itself