The purpose of undertaking an audit process is to ensure that the organisation has taken every appropriate precaution to verify the effectiveness of its information security management system (ISMS) against the requirements of ISO 27001 and the organisation’s own requirements for the ISMS.
CentriVault can undertake internal audits and gap analysis for you. The internal audit requirements are stipulated in Clause 9.2 of ISO/IEC 27001. We have certified auditors who work with Certification Bodies so can advise on what will be expected during Stage 1 or Stage 2 Audits.
We can assist in building up your audit schedule, prepare audit checklists, develop audit processes, perfom interviews, audit suppliers, identify noncomformities or opportunities for improvement.
For guidance on our internal audit process, to the right provides a basic flow.