- What is the organizational readiness for certification? Review the Strategic Alignment Maturity Model Levels for this portion.
- How many members of your internal audit team will you need to perform the risk assessment? How long will the risk assessment take?
- What internal technology teams and other key stakeholders will you need to engage?
- Provide a brief description of the ISO/IEC 27001:2013 or FISMA certification process (dependent on sector type chosen).