top of page
Insights
Don’t Panic! Your Risk Focused ISO Audit Preparation Checklist
Receiving notice of an upcoming ISO audit often triggers a wave of anxiety for organisations that haven't been through the process before. Quite commonly, ISO audit preparation involves a last-minute scramble to update documentation and review procedures, prompting an all-hands-on-deck approach.
Daniel Sampson
Mar 174 min read
Internal Audit vs External Audit: What’s the Difference and Why It Matters
In my experience as a Lead Auditor, I’ve seen many organisations approach ISO 27001 risk assessment as a creative writing exercise. They’ll start by building a massive spreadsheet, filling it with ‘low, medium, high’ labels and hope I don't look too closely at the underlying detail.
But in 2026, with cyber threats evolving at machine speed, auditors have had to change their approach to adjust to a much more threatening landscape. What we’re not looking for is a perfect list
Daniel Sampson
Mar 103 min read
How Lead Auditors Assess Risk Under ISO 27001
In my experience as a Lead Auditor, I’ve seen many organisations approach ISO 27001 risk assessment as a creative writing exercise. They’ll start by building a massive spreadsheet, filling it with ‘low, medium, high’ labels and hope I don't look too closely at the underlying detail.
But in 2026, with cyber threats evolving at machine speed, auditors have had to change their approach to adjust to a much more threatening landscape. What we’re not looking for is a perfect list
Daniel Sampson
Feb 263 min read
bottom of page