ISO 27001 Gap Audit

A gap audit to the information security standard ISO 27001 will determine what you require to do to enable certification to the standard.

You will receive an audit plan prior to the visit. A Dionach auditor will review your existing policies, procedures and practices within the scope that is considered for certification. The auditor will explain the main gaps at a closing meeting.

The subsequent report will provide a list of the main sections of the standard and a list of gaps that will be required prior to certification.

The sections of the standard that Dionach will review are:

• Likely scope of certification
• Security policy, risk assessment, statement of applicability
• Organisation of information security
• Asset management
• Human resources security
• Physical and environmental security
• Communications and operations management
• Access control
• Information systems acquisition, development and maintenance
• Information security incident management
•  Business continuity management
• Compliance

Contact us for a quote through our enquiry form or telephone us on 0845 225 5050.