Get in touch


Privacy Notice


When you submit an enquiry via our website, we use the personal data you supply to respond to your query, including providing you with any requested information about our products and services. We may also email you several times after your enquiry in order to follow up on your interest and ensure that we have answered it to your satisfaction. We will do this based on our legitimate interest in providing accurate information prior to a sale. Your enquiry is stored and processed as an email which is hosted by Microsoft within the European Economic Area (EEA). We keep enquiry emails for two years, after which they are securely archived and kept for seven years, when we delete them.


Our audit approach

CertiKit offer both full pre-certification audits and ongoing internal audits performed by a qualified ISO27001 lead auditor. Whether you’re a toolkit customer or not, we’d be happy to assist you with your ISO27001 internal auditing requirements. CertiKit’s audits are performed remotely via MS Teams by our consultants in the UK and are most suitable for organizations within +/- 2 hours of the UK time zone. Please note, CertiKit are not a Registered Certification Body and cannot provide you with a formal management system certification.

 

Types of audit service offered:

  • A pre-certification audit is a comprehensive internal audit that is perfect for organizations working towards ISO27001 certification. We’ll measure in detail the compliance of your whole ISMS and prepare a comprehensive report ready for your certification audit.
  • Ongoing internal audits are available to support your post-certification requirements and we can provide different types of auditing services to meet your own internal auditing needs.

 

What does the audit consist of? 

The audits will consist of a combination of document review and remote discussions with appropriate management and staff. Relevant documented information will be reviewed as evidence that the defined processes and procedures are being followed.

After the audit we provide a professionally compiled report that details:

  • The agenda and all areas audited within the ISMS and Statement of Applicability in line with your requested scope
  • Evidence examined and audit trail for all areas of the standard included
  • Positive findings – the things your organization is doing well
  • Nonconformities – areas found to be non-compliant against the requirements of the ISO27001 standard which you can then use to drive continual improvement

The report can be used by your organization to demonstrate to your external certification body that you are meeting the internal audit requirements of the standard.

 

Submit an enquiry today!

Let us help you meet your ISO27001 internal auditing requirements, and find the right solution for your organization.

  1. Submit an enquiry using the form to the right.
  2. You’ll be sent a booking form to detail your requirements and send back to us.
  3. Our ISO27001 Lead Auditor will assess your requirements and outline the most suitable audit solution for your organization.

Please note, CertiKit’s audits are performed remotely via MS Teams by our consultants in the UK and are most suitable for organizations within +/- 2 hours of the UK time zone.

  • Privacy Policy


    When you submit an auditing enquiry, we use your name, company name (which is optional) and your email address to contact you about this service. We take your country data to assess your suitability for our services. We may also email you after your enquiry in order to follow up on your interest in our services. We will do this based on our legitimate interest in marketing to prospects for our products and services. Your name and email address are stored on our website which is hosted with Digital Ocean. Your personal data is stored for one year after your enquiry submission, after which it is deleted.


 

Pre-certification audit

Standard pre-certification audit – This is an internal audit of ALL areas of the ISO27001 standard including the applicable Annex A controls as defined by your Statement of Applicability (SoA).

This premium audit is 3 days in duration and is suitable for SMEs of up to 75 employees (FTEs). It includes the audit days plus a professionally produced audit report and completed gap assessment dashboard to easily understand your level of conformity to the standard.

Bespoke pre-certification audit – We can also offer bespoke quotes for larger organizations wishing to complete a full pre-certification audit. Alternatively, you may wish to descope or remove a portion of clauses or controls if you have already internally audited these, or possibly want to benchmark specific areas of concern within the organization.

Pre-certification audits are useful in the following circumstances:

  • To demonstrate that internal audits have been conducted on all areas of the standard ahead of an organization applying for formal certification with an external certification body such as BSI.
  • To benchmark or assess the level of compliance of your information security management system prior to taking the next step of formal certification.

What are the benefits of a complete pre-certification audit? 

  • Provides a confirmatory check that the components of the information security management system (ISMS) meet the ISO27001 management system requirements and controls.
  • Gives an early indication if there are weaknesses or gaps in the management system compliance prior to applying for a formal certification with a certification body.
  • Provides an audit report with observations, nonconformances and improvements as evidence that ALL areas of the ISO27001 standard have been assessed in accordance with audit requirements.

Submit an enquiry using the form above and let us help you find the right solution for your organization.

 

 



 

Internal audit

Ongoing Internal Audit Services – Wherever you are on your ISO27001 certification journey, we can provide different types of services to help you to meet the internal audit requirements of the ISO27001 standard.

Audits can be performed against specific areas of the ISO27001 standard to satisfy your internal audit schedule. As an example, these could be certain management system requirements or specific controls of Annex A, such as A.6, A.8 etc.

Ongoing internal audits are useful in the following circumstances:

  • To conduct a review of specific clauses or processes to give you confidence that your ISMS is on the right track and provide you with any nonconformities to fix before your annual surveillance audit.
  • To fulfil your internal audit requirements at certification with a detailed compliance report and dashboard included.

What are the benefits of internal auditing?

  • Confirms the health of your management system, the way it is operating and the efficiency of the business processes, i.e. whether it is wasting time, effort, and cash on inefficient processes.
  • Ensures that your company operations, processes and procedures comply with statutory, regulatory and management system requirements.
  • Gives senior management visibility into the effectiveness or weaknesses of the management system as part of the management review requirements.

Submit an enquiry using the form above and we will help identify the right solution for your organization, and provide you with a bespoke quote.

 



 

Over 3000 businesses have purchased our toolkits

Testimonials

It was like having your hand held through the whole confusing and frustrating process of getting GDPR compliant, making it much more bearable.

EBY Design
UK
