3.1 You are conducting an ISO 27001 audit at a company manufacturing key fob devices that generate random cryptographic key codes. The devices are manufactured to order for a ultinational secure communications systems provider and are shipped securely in tracked parcels directly to their end users.

The next activity on your audit plan is the assessment of the organisation’s goods in/out loading bay. Raw material components, waste and high value assets all pass through this area.

A review of the company’s Statement of Applicability has already shown that all Annex A control objectives and controls are justified as in-scope.

Outline in a checklist how you will perform this audit by developing a series of ten audit checkpoints.

For each checkpoint, identify examples of the audit evidence you would want to gather and give the appropriate ISO 27001 reference.  (10 marks)