Class: InternalAudit
An internal audit instance per Clause 9.2, assessing ISMS conformance and effectiveness.
classDiagram
class InternalAudit
click InternalAudit href "../InternalAudit/"
DocumentedInformation <|-- InternalAudit
click DocumentedInformation href "../DocumentedInformation/"
InternalAudit : approved_by
InternalAudit : approved_date
InternalAudit : audit_conclusion
InternalAudit : audit_criteria
InternalAudit : audit_objectives
InternalAudit : audit_period_end
InternalAudit : audit_period_start
InternalAudit : audit_plan
InternalAudit : audit_reference
InternalAudit : audit_scope
InternalAudit : audit_team
InternalAudit : audit_type
InternalAudit : auditee_representatives
InternalAudit : author
InternalAudit : classification
InternalAudit : created_date
InternalAudit : description
InternalAudit : document_reference
InternalAudit : document_type
InternalAudit --> "0..1" DocumentType : document_type
click DocumentType href "../DocumentType/"
InternalAudit : effective_date
InternalAudit : findings
InternalAudit --> "*" AuditFinding : findings
click AuditFinding href "../AuditFinding/"
InternalAudit : id
InternalAudit : lead_auditor
InternalAudit : modified_date
InternalAudit : name
InternalAudit : owner
InternalAudit : positive_observations
InternalAudit : report_date
InternalAudit : report_distribution
InternalAudit : retention_period
InternalAudit : review_date
InternalAudit : status
InternalAudit : version
Inheritance
- NamedEntity
- DocumentedInformation
- InternalAudit
- DocumentedInformation
Slots
| Name | Cardinality and Range | Description | Inheritance |
|---|---|---|---|
| audit_reference | 0..1 String |
Reference identifier for the audit | direct |
| audit_type | 0..1 String |
Type of audit | direct |
| audit_scope | 0..1 String |
Scope of the audit | direct |
| audit_criteria | * String |
Criteria against which audit is conducted | direct |
| audit_objectives | * String |
Objectives of the audit | direct |
| audit_period_start | 0..1 Date |
Start date of audit period | direct |
| audit_period_end | 0..1 Date |
End date of audit period | direct |
| lead_auditor | 0..1 String |
Lead auditor for the audit | direct |
| audit_team | * String |
Audit team members | direct |
| auditee_representatives | * String |
Representatives from audited areas | direct |
| audit_plan | 0..1 String |
Audit plan document reference | direct |
| findings | * AuditFinding |
Audit findings | direct |
| positive_observations | * String |
Positive observations noted | direct |
| audit_conclusion | 0..1 String |
Overall audit conclusion | direct |
| report_date | 0..1 Date |
Date the report was issued | direct |
| report_distribution | * String |
Distribution list for the report | direct |
| document_type | 0..1 DocumentType |
Classification of the documented information | DocumentedInformation |
| document_reference | 0..1 String |
Unique reference number for document control | DocumentedInformation |
| author | 0..1 String |
Person who created the document | DocumentedInformation |
| owner | 0..1 String |
Person accountable for the document content and maintenance | DocumentedInformation |
| approved_by | 0..1 String |
Person who approved the document | DocumentedInformation |
| approved_date | 0..1 Date |
Date when the document was approved | DocumentedInformation |
| effective_date | 0..1 Date |
Date when the document becomes effective | DocumentedInformation |
| review_date | 0..1 Date |
Date when the document is due for review | DocumentedInformation |
| status | 0..1 String |
Current status of the document or entity | DocumentedInformation |
| classification | 0..1 String |
Information classification level | DocumentedInformation |
| retention_period | 0..1 DurationType |
Duration for which the document is retained | DocumentedInformation |
| id | 1 Uriorcurie |
Unique identifier for this entity instance | NamedEntity |
| name | 1 String |
Human-readable name or title | NamedEntity |
| description | 0..1 String |
Detailed description of the entity | NamedEntity |
| created_date | 0..1 Date |
Date when the entity was created | NamedEntity |
| modified_date | 0..1 Date |
Date when the entity was last modified | NamedEntity |
| version | 0..1 String |
Version identifier for the entity | NamedEntity |
Usages
| used by | used in | type | used |
|---|---|---|---|
| InformationSecurityManagementSystem | internal_audits | range | InternalAudit |
| AuditProgramme | planned_audits | range | InternalAudit |
In Subsets
Comments
- Captures audit scope, criteria, findings, and conclusions
- Supports periodic conformance and effectiveness assessment records
- Reference: ISO/IEC 27001:2022 Clause 9.2. ISO/IEC standards text is copyright ISO - not reproduced here.
Identifier and Mapping Information
Annotations
| property | value |
|---|---|
| iso27001_clause | 9.2 |
Schema Source
- from schema: https://w3id.org/lmodel/iso27001
Mappings
| Mapping Type | Mapped Value |
|---|---|
| self | iso27001:InternalAudit |
| native | iso27001:InternalAudit |
LinkML Source
Direct
name: InternalAudit
annotations:
iso27001_clause:
tag: iso27001_clause
value: '9.2'
description: An internal audit instance per Clause 9.2, assessing ISMS conformance
and effectiveness.
comments:
- Captures audit scope, criteria, findings, and conclusions
- Supports periodic conformance and effectiveness assessment records
- 'Reference: ISO/IEC 27001:2022 Clause 9.2. ISO/IEC standards text is copyright ISO
- not reproduced here.'
in_subset:
- performance_evaluation
- documented_information
from_schema: https://w3id.org/lmodel/iso27001
is_a: DocumentedInformation
slots:
- audit_reference
- audit_type
- audit_scope
- audit_criteria
- audit_objectives
- audit_period_start
- audit_period_end
- lead_auditor
- audit_team
- auditee_representatives
- audit_plan
- findings
- positive_observations
- audit_conclusion
- report_date
- report_distribution
Induced
name: InternalAudit
annotations:
iso27001_clause:
tag: iso27001_clause
value: '9.2'
description: An internal audit instance per Clause 9.2, assessing ISMS conformance
and effectiveness.
comments:
- Captures audit scope, criteria, findings, and conclusions
- Supports periodic conformance and effectiveness assessment records
- 'Reference: ISO/IEC 27001:2022 Clause 9.2. ISO/IEC standards text is copyright ISO
- not reproduced here.'
in_subset:
- performance_evaluation
- documented_information
from_schema: https://w3id.org/lmodel/iso27001
is_a: DocumentedInformation
attributes:
audit_reference:
name: audit_reference
description: Reference identifier for the audit.
from_schema: https://w3id.org/lmodel/iso27001
rank: 1000
alias: audit_reference
owner: InternalAudit
domain_of:
- InternalAudit
range: string
audit_type:
name: audit_type
description: Type of audit.
examples:
- value: full
- value: partial
- value: follow-up
from_schema: https://w3id.org/lmodel/iso27001
rank: 1000
alias: audit_type
owner: InternalAudit
domain_of:
- InternalAudit
range: string
audit_scope:
name: audit_scope
description: Scope of the audit.
from_schema: https://w3id.org/lmodel/iso27001
rank: 1000
alias: audit_scope
owner: InternalAudit
domain_of:
- InternalAudit
range: string
audit_criteria:
name: audit_criteria
description: Criteria against which audit is conducted.
from_schema: https://w3id.org/lmodel/iso27001
rank: 1000
alias: audit_criteria
owner: InternalAudit
domain_of:
- InternalAudit
range: string
multivalued: true
audit_objectives:
name: audit_objectives
description: Objectives of the audit.
from_schema: https://w3id.org/lmodel/iso27001
rank: 1000
alias: audit_objectives
owner: InternalAudit
domain_of:
- InternalAudit
range: string
multivalued: true
audit_period_start:
name: audit_period_start
description: Start date of audit period.
from_schema: https://w3id.org/lmodel/iso27001
rank: 1000
alias: audit_period_start
owner: InternalAudit
domain_of:
- InternalAudit
range: date
audit_period_end:
name: audit_period_end
description: End date of audit period.
from_schema: https://w3id.org/lmodel/iso27001
rank: 1000
alias: audit_period_end
owner: InternalAudit
domain_of:
- InternalAudit
range: date
lead_auditor:
name: lead_auditor
description: Lead auditor for the audit.
from_schema: https://w3id.org/lmodel/iso27001
rank: 1000
alias: lead_auditor
owner: InternalAudit
domain_of:
- InternalAudit
range: string
audit_team:
name: audit_team
description: Audit team members.
from_schema: https://w3id.org/lmodel/iso27001
rank: 1000
alias: audit_team
owner: InternalAudit
domain_of:
- InternalAudit
range: string
multivalued: true
auditee_representatives:
name: auditee_representatives
description: Representatives from audited areas.
from_schema: https://w3id.org/lmodel/iso27001
rank: 1000
alias: auditee_representatives
owner: InternalAudit
domain_of:
- InternalAudit
range: string
multivalued: true
audit_plan:
name: audit_plan
description: Audit plan document reference.
from_schema: https://w3id.org/lmodel/iso27001
rank: 1000
alias: audit_plan
owner: InternalAudit
domain_of:
- InternalAudit
range: string
findings:
name: findings
description: Audit findings.
from_schema: https://w3id.org/lmodel/iso27001
rank: 1000
alias: findings
owner: InternalAudit
domain_of:
- InternalAudit
range: AuditFinding
multivalued: true
positive_observations:
name: positive_observations
description: Positive observations noted.
from_schema: https://w3id.org/lmodel/iso27001
rank: 1000
alias: positive_observations
owner: InternalAudit
domain_of:
- InternalAudit
range: string
multivalued: true
audit_conclusion:
name: audit_conclusion
description: Overall audit conclusion.
from_schema: https://w3id.org/lmodel/iso27001
rank: 1000
alias: audit_conclusion
owner: InternalAudit
domain_of:
- InternalAudit
range: string
report_date:
name: report_date
description: Date the report was issued.
from_schema: https://w3id.org/lmodel/iso27001
rank: 1000
alias: report_date
owner: InternalAudit
domain_of:
- InternalAudit
range: date
report_distribution:
name: report_distribution
description: Distribution list for the report.
from_schema: https://w3id.org/lmodel/iso27001
rank: 1000
alias: report_distribution
owner: InternalAudit
domain_of:
- InternalAudit
range: string
multivalued: true
document_type:
name: document_type
description: Classification of the documented information.
in_subset:
- documented_information
from_schema: https://w3id.org/lmodel/iso27001
rank: 1000
alias: document_type
owner: InternalAudit
domain_of:
- DocumentedInformation
range: DocumentType
document_reference:
name: document_reference
description: Unique reference number for document control.
comments:
- Per 7.5.2 a) identification and description
examples:
- value: ISMS-POL-001
- value: RA-2024-003
from_schema: https://w3id.org/lmodel/iso27001
rank: 1000
alias: document_reference
owner: InternalAudit
domain_of:
- DocumentedInformation
range: string
author:
name: author
description: Person who created the document.
from_schema: https://w3id.org/lmodel/iso27001
rank: 1000
alias: author
owner: InternalAudit
domain_of:
- DocumentedInformation
range: string
owner:
name: owner
description: Person accountable for the document content and maintenance.
from_schema: https://w3id.org/lmodel/iso27001
rank: 1000
alias: owner
owner: InternalAudit
domain_of:
- DocumentedInformation
range: string
approved_by:
name: approved_by
description: Person who approved the document.
comments:
- Per 7.5.2 c) review and approval
from_schema: https://w3id.org/lmodel/iso27001
rank: 1000
alias: approved_by
owner: InternalAudit
domain_of:
- DocumentedInformation
- StatementOfApplicability
range: string
approved_date:
name: approved_date
description: Date when the document was approved.
from_schema: https://w3id.org/lmodel/iso27001
rank: 1000
alias: approved_date
owner: InternalAudit
domain_of:
- DocumentedInformation
- RiskTreatmentPlan
range: date
effective_date:
name: effective_date
description: Date when the document becomes effective.
from_schema: https://w3id.org/lmodel/iso27001
rank: 1000
alias: effective_date
owner: InternalAudit
domain_of:
- DocumentedInformation
range: date
review_date:
name: review_date
description: Date when the document is due for review.
from_schema: https://w3id.org/lmodel/iso27001
rank: 1000
alias: review_date
owner: InternalAudit
domain_of:
- DocumentedInformation
- ManagementReview
range: date
status:
name: status
description: Current status of the document or entity.
comments:
- Examples include draft, approved, active, superseded, archived
from_schema: https://w3id.org/lmodel/iso27001
rank: 1000
alias: status
owner: InternalAudit
domain_of:
- DocumentedInformation
- Nonconformity
- CorrectiveAction
- ImprovementOpportunity
range: string
classification:
name: classification
description: Information classification level.
comments:
- Per A.5.12, classification based on confidentiality, integrity, availability
examples:
- value: confidential
- value: internal
- value: public
from_schema: https://w3id.org/lmodel/iso27001
rank: 1000
alias: classification
owner: InternalAudit
domain_of:
- DocumentedInformation
- Asset
range: string
retention_period:
name: retention_period
description: Duration for which the document is retained.
comments:
- Per 7.5.3 f) retention and disposition
- Use ISO 8601 duration notation such as P1Y or P90D
from_schema: https://w3id.org/lmodel/iso27001
rank: 1000
alias: retention_period
owner: InternalAudit
domain_of:
- DocumentedInformation
range: duration type
id:
name: id
description: Unique identifier for this entity instance.
comments:
- Should use consistent URI/CURIE format across the dataset
examples:
- value: iso27001:risk-001
- value: iso27001:control-5.1
from_schema: https://w3id.org/lmodel/iso27001
rank: 1000
identifier: true
alias: id
owner: InternalAudit
domain_of:
- NamedEntity
range: uriorcurie
required: true
name:
name: name
description: Human-readable name or title.
from_schema: https://w3id.org/lmodel/iso27001
rank: 1000
alias: name
owner: InternalAudit
domain_of:
- NamedEntity
range: string
required: true
description:
name: description
description: Detailed description of the entity.
comments:
- Should provide sufficient detail for understanding without external reference
from_schema: https://w3id.org/lmodel/iso27001
rank: 1000
alias: description
owner: InternalAudit
domain_of:
- NamedEntity
range: string
created_date:
name: created_date
description: Date when the entity was created.
from_schema: https://w3id.org/lmodel/iso27001
rank: 1000
alias: created_date
owner: InternalAudit
domain_of:
- NamedEntity
range: date
modified_date:
name: modified_date
description: Date when the entity was last modified.
from_schema: https://w3id.org/lmodel/iso27001
rank: 1000
alias: modified_date
owner: InternalAudit
domain_of:
- NamedEntity
range: date
version:
name: version
description: Version identifier for the entity.
comments:
- Supports document control requirements per 7.5.3 e)
examples:
- value: '1.0'
- value: 2.3.1
from_schema: https://w3id.org/lmodel/iso27001
rank: 1000
alias: version
owner: InternalAudit
domain_of:
- NamedEntity
range: string