ISO 27001 – Internal Audit

Internal audits are auditing activities that an ISMS operator must perform itself in order to regularly demonstrate the conformity of the ISMS with the requirements of the standard. The name “internal audit” (or also “internal audit”) serves to distinguish them from certification audits – and expressly does not suggest that an internal audit must be performed by an employee of the audited organization. Often this is neither desired – e.g., because competent persons are actively involved in the implementation and operation of the ISMS – nor even possible if the organization does not have a competent auditor.

In such a case, we are available with expertise and auditor competence to perform your internal audits. During an internal audit in accordance with the international standard ISO 27001, our experts, who have many years of experience and are certified auditors themselves, review your ISMS with regard to:

We take into account the defined scope of the ISMS as well as the business processes of the respective organization.

Our approach also incorporates your internal audit planning. The focus can be set on topics considered to be particularly important after consultation. You will receive a detailed report on the results, which you can present at the certification audit.