01 - basic audit

CISO Assistant: starting an audit

Start your audit confidently with CISO Assistant by setting up your organization's domains and security perimeters. This guide helps you create an audit baseline aligned with ISO/IEC 27001:2022 and understand your organization's security context.

Go to localhost:5173

1. Click "Organization"

Access the Organization settings to begin configuring your domain management.

Click 'Organization'

2. Click "Domains"

Navigate to the Domains section to manage your organization's domain details.

Click 'Domains'

3. Click here

Initiate the process to add a new domain by selecting the appropriate option.

Click here

4. Click here

Enter a descriptive name for your new domain to clearly identify it.

Click here

5. Fill "explainer"

Save the newly created domain to register it within your organization.

Fill 'explainer'

6. Click "Save"

Select the domain you just created to begin setting up its security perimeter.

Click 'Save'

8. Pick "explainer" domain

Start adding a new security perimeter to define the domain's protective scope.

Click 'explainer'

9. Click "Add perimeter"

Choose the option to specify the perimeter's characteristics and settings.

Click 'Add perimeter'

10. Click here

Provide a clear and concise name for the new security perimeter.

Click here

11. Fill "general"

Save the perimeter settings to apply them to the domain.

Fill 'general'

12. Click "Save"

Return to the General settings to prepare for audit creation.

Click 'Save'

13. Click "General"

Begin creating a new audit to assess your organization's security posture.

Click 'General'

14. Click "New Audit"

Select the option to add a new audit baseline for evaluation.

Click 'New Audit'

15. Click here

Name your audit baseline to reflect its purpose or scope.

Click here

16. Fill "my baseline"

Specify the audit type or category to align with your compliance goals.

Fill 'my baseline'

17. Click here

Choose the relevant standard or framework for your audit.

Click here

18. Search "iso"

Select the International standard ISO/IEC 27001:2022 to align with recognized security practices.

Fill 'iso'

19. Click "International standard ISO/IEC 27001:2022"

Confirm and save your audit configuration to proceed.

Click 'International standard ISO/IEC 27001:2022'

20. Click "Save"

Access the detailed audit sections to review specific requirements.

Click 'Save'

21. Open the tree structure

Select the section focused on the organization's context for information security.

Click here

23. Enter an item to review/update it

Ensure your Information Security Management System (ISMS) aligns with your organization's context by addressing these factors.

Click 'Identify internal and external factors that influence the organization’s ability to achieve information security objectives, ensuring the ISMS is aligned with its context.'

This guide walked you through setting up domains and security perimeters, creating an audit baseline, and aligning your ISMS with ISO/IEC 27001:2022 standards. You learned to identify organizational factors critical to achieving information security objectives.

Powered by guidde