55-703841 Standard Based Security Audit and Assessment Brief | SHU

55-703841 Module Learning Outcomes

LO1 Identify, describe and evaluate key areas of the ISO 27001, ISO 27002 and ISO 19011 standards
LO2 Auditing to required standards
LO3 Interview techniques
LO4 To understand the processes of a lead auditor

Assessment Brief of 55-703841

Refer to the case study in this document. Your team have been tasked by Julie Girdham to create an ISMS to prevent the current or future breaches in the case study. The report must include the following sub-tasks.

Sub-task	Marking Criteria	Comment	Total weight
1	Audit Interview Questions	Develop a list of 10 audit interview questions to audit the incident management process from the case study on the blackboard. Consider your audiences from all strategic, tactical, and operational levels. Map relevant ISO/IEC 27001:2022 Clauses / Annex A Controls.	20%
2	Non- Non-Conformity Reports	Concerning the case study on the Blackboard, identify any 3 areas of concern. For each of the 3 chosen areas, you must. Write either a non-conformity report or observation, in the format required by the exam. You must state which clauses/annexe A controls you’re referencing, or you will be given zero marks	30%
3	Junior Auditor Guidebook	You are a lead auditor and have been asked to write a simple guidebook for a new junior member of staff, Alice, as she is about to embark on her first ever audit. Start by outlining the purpose of an ISO27001 audit and its stages.	40%

Buy a Custom Answer to This Assessment & Raise Your Grades

Order Non Plagiarized Assignment

Sub-

task

Marking

Criteria

Comment

Total

weight

Describe and evaluate a stage 1 audit. What is its purpose? Describe and evaluate all relevant areas, activities, and outputs.
Create a list and provide the importance of all mandatory documents from ISO/IEC 27001.
Create a stage 2 audit plan for the case study organisation and explain why you need it – a table format is most suited.
Describe and evaluate a stage 2 audit. What is its purpose? Describe and evaluate all relevant areas, activities, and outputs.
Explain what is meant by objective evidence and why it is important. Give 5 examples from the case study.
Focus on, as a minimum, the required competencies, checklists, the opening and closing meetings.
Reference the ISO 27001, ISO 19011, and ISO 17021 wherever applicable in this booklet.
Flow diagrams are advisable for any process demonstration.

Note: This should be in form of a guidebook that anyone can follow without prior knowledge in auditing or ISMS. The secret lies in the simplicity and comprehensiveness of this document.

Formatting, Referencing and continual evaluation

Assessment must be uploaded to the official submission point & Turnitin point only in Word format (.docx).
Font must be in Calibri Body and size 11, with 1 line spacing.
The document must be named as StudentID_StudentName_SBSAAA_SBSAAA_SBSAAA_ SBSAAA 2025 (Student ID replaced by your student ID, and StudentName replaced by your First Name).
The referencing/bibliography must be in line with SHU guidance, and the work submitted is your own and not plagiarised. Turnitin score must be within the acceptable range.
Proofread your work to check your spelling and grammar.
Keep to the word count.
Continual contribution to class activities and group discussions.

Assessment Brief of 55-703841 Refer to the case study in this document. Your team have been tasked by Julie Girdham to create an ISMS to prevent the current or future breaches in the case study.