ISO 27001/27002 (2022) - Security Audit Questionnaires (Tool 1) (Excel XLSX)

This tool (set of spreadsheets) contains 5 parts with 800 questions and an evaluation method, for all control issues and areas (over 93) of the ISO 27K 2022 Version on all aspects of information security, as defined in this ISO standard.

These questionnaires may be used to support your efforts in assessing whether your company, organization or business function or department (herein ‘company') complies with the requirements of ISO Security standard ISO 27001/27002: 2022 version.

Contents
PART 1: README: Description of the spreadsheet and summary of results
PART 2: ISO 27K Mandatory Requirements (Clause 4 to 10): 27 + items, 68 questions
PART 3: ISO 27K Annex A: Organizational Controls (Clause A5): 37 controls, 302 questions
PART 4: This includes:
4.1 ISO 27K Annex A: People Controls (Clause A6): 8 controls, 76 questions
4.2 ISO 27K Annex A: Physical Controls (Clause A7): 14 controls, 74 questions
PART 5: ISO 27K Annex A: Technological Controls (Clause A8): 34 controls, 280 questions

Note: A set of implantation measures (assessment guidance, plans, policies, procedures, etc.) for each information security control is included in another tool. These measures, in a form of a word document, for each set of ISO 27001/27002 information security controls, are included in the tool titled ‘ISO 27K-2022 Version- Security Audit Questionnaires (Tool 2)'. This guidance and the associated policies, plans and procedures may assist you and support you in implementing the required information security controls better.
A Statement of Applicability (SOA) is included in another tool titled ‘ISO 27K-2022 Version- Statement of Applicability (SOA)'.