Best Practices of Auditing in an Organization using ISO 27001 Standard
Amogh Phirke¹, Jayshree Ghorpade-Aher²

¹ Amogh Phirke, Department of Computer Science and Engineering, MIT World Peace University, Pune (Maharashtra), India.
² Jayshree Ghorpade-Aher, Department of Computer Science and Engineering, MIT World Peace University, Pune (Maharashtra), India.
Manuscript received on 20 July 2019 | Revised Manuscript received on 03 August 2019 | Manuscript Published on 10 August 2019 | PP: 691-695 | Volume-8 Issue-2S3 July 2019 | Retrieval Number: B11280782S319/2019©BEIESP | DOI: 10.35940/ijrte.B1128.0782S319
© The Authors. Blue Eyes Intelligence Engineering and Sciences Publication (BEIESP). This is an open access article under the CC-BY-NC-ND license (

Abstract: In recent years, with the intensive use of information technologies, data security has become a critical and important issue in organizational management. Various standards and rules exist for the security of information, for example ISO/IEC 27001 and ISO/IEC 27002. However, organizations face different challenges in implementing the standard. In this paper, we present the status of the ISO/IEC 27001 execution process in a Small and Medium Sized Enterprise. By executing ISO 27001, the organization got the chance to prove authenticity and show clients that it is working according to recognized best practices. It helped the organization “IKSC Knowledge Bridge Pvt Ltd.” in reducing cost and risks and in increasing brand value. The outcomes obtained show the need to think not just about the technical and legal aspects of the organization but also about those related to people, such as training, knowledge, and creating awareness, to achieve successful management of information security.
Keywords: ISO/IEC 27001:2013, Risk Mitigation, Software Audit, Controls, Compliances.
Scope of the Article: Software Engineering Methodologies