ISO 27001:2013 Auditing Process

Assign ISO Auditor / Audit Team

We will appoint a lead auditor or audit team to design, consult and complete the internal audit program against the ISO 27001:2013 standard.

Review ISO System and Documentation and Create Audit Schedule

Our consultant will complete an offsite gap analysis of your system against the ISO 27001:2013 standard. A detailed audit plan and schedule will be prepared and communicated to the client in advance of the internal audit.

Complete Onsite Audit

The Lead Auditor will complete an internal audit against the requirements of the Standard. Any significant issues will be discussed with the client during the internal audit process. The Lead Auditor will present their findings at the closing meeting.

Deliver Audit Report

The Lead Auditor will provide the client with an audit report that will include the following detail:
  • Any observations that require consideration by the organisation.
  • Any recommendations that need to be followed up by the senior management team.
  • An audit summary that details the organisation's position against the standard.

Review Audit Findings

Our consultant will complete a follow-up review of the audit report with the client.

Select Opportunities For Improvement

If requested by the client, we will provide suggestions that may assist the organisation in improving the performance and effectiveness of this data security management system.