GASSP (Generally Accepted System Security Principles)
An audit programme shall be planned, taking into consideration the .... number of
assessors, including lead assessors, and experts to cover all of its activities. ......
Body Personnel for Information Security Management Systems (ISO/IEC 27001).