There is a growing demand for information security management systems (ISMS) auditors. The Information Security Management System (ISO 27001) is applicable to all businesses, regardless of sector. It addresses the security of information held in any form, not just electronic. This is where we step in. The programme supports third-party certification: we certify the different categories of auditors, namely those employed by certification bodies/registrars, consultants and internal auditors. We also develop and promote good auditor training and auditing best practice.
Our audits employ protocols and checklists to verify compliance with regulatory requirements and industry standards. They help to ensure programs are properly designed and implemented. Audits identify program deficiencies so that recommendations can be developed for corrective action. We provide unparalleled internal consulting for ISO 27001 certification at an unmatched cost. This standard covers compliance auditing, a particular form of auditing with a very specific goal: to assess whether the audited organization is fulfilling the obligations laid down in ISO/IEC 27001 in respect of its ISMS.
- Pre-audit: Planning and organizing the audit; establishing the audit objectives, scope and protocol; and reviewing the design of the program by examining documentation.
- On-site audit: Conducting personnel interviews, reviewing records, and making observations to assess program implementation.
- Post-audit: Briefing management on the audit findings, and preparing a report.