To maintain ISO 27001 and ISO 27701 certification, companies require a regular internal audit to be conducted against their Information Security Management System (ISMS) and Privacy Information Management System (PIMS).
A member of staff who has the knowledge to conduct an audit of an ISMS or a PIMS, but who is not involved in the day-to-day management of those systems, i.e. someone with no vested interest, is difficult to find. Quite frankly, it is unlikely in any organisation that doesn’t have a large and well-resourced Internal Audit capability.
BH Consulting provide Internal Audit services for many of our clients for this reason, including for ISO 27001, ISO 27701 and ISO 27018 certification. Clients value this service as we provide an entirely independent and informed review of the controls they have in place.