ISO 27001/27002 Security Audit Questionnaire   Excel template (XLSX)
$50.00


#1 in ISO 27001 $50.00
FlevyPro price: $40.00 (20% discount)




Immediate download
Fully editable Excel
Free lifetime updates

BENEFITS OF THIS EXCEL DOCUMENT

  1. Helps you assess your compliance with the ISO 27001 security standard.
  2. Supports you in improving your company.
  3. Lets you compare your security measures with what may be expected and improve them accordingly.

ISO 27001 EXCEL DESCRIPTION

Editor Summary: An XLSX spreadsheet titled ISO 27001/27002 Security Audit Questionnaire by John Kyriazoglou provides 17 section-by-section questionnaires with a total of 372 questions covering ISO 27001/27002 domains (General Security Framework; A5–A18 controls including Access Control, Cryptography, Physical/Environmental/Data Protection, Operations, Communications, Supplier Relationships, Incident Management, Business Continuity, Compliance).

This spreadsheet contains a set of security questions and an evaluation method, which could be used to support your efforts in assessing whether your company complies with the requirements of ISO Security standard ISO 27001/27002.

It is made up of 2 parts. The first part contains a summary of the questionnaires included in the second part and instructions on using this spreadsheet.

The second part contains 17 questionnaires with 372 questions on all aspects of information security, as defined in the ISO standard.
The questionnaires included in this spreadsheet are:

Q1. General Security Framework Questionnaire (222 questions)
Q2. Information Security Policies (A5) Questionnaire (5 questions)
Q3. Organization of Information Security (A6) Questionnaire (8 questions)
Q4. Human resources security (A7) Questionnaire (8 questions)
Q5. Asset management (A8) Questionnaire (12 questions)
Q6. Access control (Section A9) Questionnaire (15 questions)
Q7. Cryptography (Section A10) Questionnaire (3 questions)
Q8. Physical security (Section A11-part 1) Questionnaire (12 questions)
Q9. Environmental security (Section A11-part 2) Questionnaire (8 questions)
Q10. Data Protection (Section A11-part 3) Questionnaire (6 questions)
Q11. Operations security (Section A12) Questionnaire (10 questions)
Q12. Communications security (Section A13) Questionnaire (8 questions)
Q13. System acquisition, development and maintenance (A14) Questionnaire (16 questions)
Q14. Supplier relationships (A15) Questionnaire (7 questions)
Q15. Information security incident management (A16) Questionnaire (6 questions)
Q16. Information security aspects of business continuity management (A17) Questionnaire (10 questions)
Q17. Compliance (A18) Questionnaire (9 questions)

This template offers a comprehensive grading system to evaluate your organization's adherence to each questionnaire section. The evaluation grades provide a clear, quantifiable measure of compliance, making it easier to identify areas needing improvement. The tool is designed for ease of use, ensuring that your team can efficiently conduct thorough security audits. This structured approach helps in maintaining robust information security management practices, aligning with ISO standards.


TOPIC FAQ

What are the main domains covered by ISO 27001/27002 security assessments?

Typical ISO 27001/27002 assessments cover policy, organization, human resources, asset management, access control, cryptography, physical and environmental protections, operations, communications, system development, supplier relationships, incident management, business continuity, and compliance. The ISO 27001/27002 Security Audit Questionnaire organizes these into 17 questionnaires covering A5–A18 and a general framework.

How can an organization use questionnaires to assess ISO 27001 compliance?

Organizations conduct structured interviews or self-assessments using questionnaires to map existing controls to ISO clauses, capture yes/no or graded responses, and apply an evaluation method to quantify maturity and compliance. The ISO 27001/27002 Security Audit Questionnaire includes instructions, a summary, and a grading system to support that process with 372 questions.

What topics are typically asked in an access control questionnaire?

An access control questionnaire targets controls mapped to Section A9 of ISO 27001 and focuses on how access rights and authentication are managed and monitored. In the referenced spreadsheet, the access control questionnaire is a discrete section containing 15 questions specific to Section A9.

How should I choose a pre-built ISO 27001 audit template for a small IT team on a tight timeline?

Prioritize templates that explicitly map to ISO clauses, include clear usage instructions, provide a grading or evaluation method, and offer sufficient question coverage so you can complete assessments quickly. The ISO 27001/27002 Security Audit Questionnaire provides instructions, an evaluation grading system, and coverage across A5–A18 with 372 questions to review.

Are paid ISO 27001 audit templates worth the cost compared to building your own questionnaire?

Paid templates reduce initial scoping and drafting time by providing pre-mapped control sections, standardized questions, and built-in grading so teams can begin assessments faster. The spreadsheet referenced supplies these elements across 17 questionnaires with an evaluation method to quantify compliance.

We just completed a merger—how can we quickly assess security gaps across the combined organization?

Use a standardized set of questionnaires mapped to ISO control domains to survey both entities, apply a consistent grading methodology to each response, and aggregate scores to highlight gaps and priority remediation areas. The ISO 27001/27002 Security Audit Questionnaire is structured for this purpose with 17 questionnaires, instructions, and evaluation grades.

What level of team or role should lead an internal ISO 27001 questionnaire audit?

Lead the questionnaire audit with an individual or small team responsible for information security and compliance who can access control owners and evidence. The tool is designed for team use and includes a summary and instructions plus an evaluation grading method to support internal auditors or security leads.

How does an audit tool separate physical, environmental, and data protection controls?

A compliant tool separates related A11 topics into distinct questionnaires so each control area is assessed individually. In this spreadsheet A11 is split into Physical Security (part 1, 12 questions), Environmental Security (part 2, 8 questions), and Data Protection (part 3, 6 questions).

Source: Best Practices in ISO 27001, ISO 27002 Excel: ISO 27001/27002 Security Audit Questionnaire Excel (XLSX) Spreadsheet, John Kyriazoglou



ABOUT THE AUTHOR

Additional documents from author: 31

John Kyriazoglou obtained a certificate in computer programming and data processing from a technical college in Hamilton, Canada, a (Hon.) in Computer Science with a minor in Economics from the University of Toronto, Canada, also earning a Scholastic award for Academic Excellence in Computer Science. John has worked in Canada, Europe (England, Switzerland, Luxembourg, Greece, etc.) and the ...
