The Challenge

To maintain ISO 27001 and ISO 27701 certification, companies require a regular internal audit to be conducted against their Information Security Management System (ISMS) and Privacy Information Management System (PIMS).

Having access to a member of staff who has the knowledge to conduct an audit of an ISMS or a PIMS, without them being involved in the day-to-day management of those systems, i.e. someone with no vested interest, is difficult to find. Quite frankly it is unlikely in any organisation that doesn’t have a large and well resourced Internal Audit capability.

BH Consulting provide Internal Audit services for many of our clients for this reason, including for ISO 27001, ISO 27701 and ISO 27018 certification. Clients value this service as we provide an entirely independent and informed review of the controls they have in place. Read up on previous client success here

The Service

An Internal Audit examines the Information Security Management System (ISMS) for continuous certification to the ISO 27001 Information Security Standard.

ISO/IEC 27701 is an extension of ISO/IEC 27001 and ISO/IEC 27002 which provides a typical framework for extending your ISMS, including the more specific requirements and guidance for protecting your organisation’s personally identifiable information (PII), together constituting a Privacy Information Management System (PIMS).

The Internal Audit is carried out against the requirements of ISO 27001 (and where applicable the ISO 27701 standard), to screen for and identify possible non-conforming controls. The deliverable is a set of relevant recommendations to help close these gaps and better align with the standards in scope.

The Benefits

  • Test the effectiveness of your information security and privacy management against the requirements of ISO 27001 or ISO 27701

  • Avail of expertise which can be hard to resource internally

  • Gain from using an external specialist organisation to carry out independent auditing services

Let’s Talk

Please leave your contact details and a member of our team will be in touch shortly.

"*" indicates required fields

Name*