Once an organisation has implemented an information security management system, a continual cycle of improvement is key to maintaining compliance, as part of the PLAN-DO-CHECK-ACT improvement process of ISO 27001.
Should an organisation gain certification to the standard, Sapphire can provide a system-wide consultancy compliance review to highlight any nonconformities within the system that require corrective and preventative measures before the certification body returns for the external review. This audit is a safety net: it gives an organisation further confidence and identifies problems that can be rectified before they are raised at the audit that really matters. Examples of some of the forms and documentation, including the areas of the review, are detailed below.
A full mock compliance audit report is completed once the review has taken place covering the following areas:
The duration of the full system review will vary depending upon the size of the scope of the organisation's information security management system.