~3 page information security policy template on internal audits of your Information Security Management System.
 
Audits are a valuable assurance mechanism supporting the ISMS and the organisation’s information risk management and governance as a whole. 
 
While ISMS external audits are required to confirm conformity with the ISO/IEC 27001 standard for certification purposes, ISMS internal audits can address conformity and other aspects of interest or concern to management e.g. auditing IT system/network security, or reviewing the management of information risks associated with the provision or use of cloud computing services.
 
Supplied as an editable MS Word document, readily customised for your organisation's specific situation.