Annex A 8.34 - Protection of Information Systems During Audit Testing

Audit tests and other assurance activities involving assessment of operational systems shall be planned and agreed between the tester and appropriate management.