Why do you need an ISMS inspection?
There can be many reasons for an ISMS inspection:
Just like with a PC, that has been in use for years, processes and approaches are established in an ISMS over the years, that restrict the ISMS in its function and possibly hinder the company.
Perhaps you have also decided not to certify a single standard and have not re-moved it from your integrated management system without leaving any residues.
Or you may have implemented several different management systems (e.g. ISO 9001, ISO 27001) and would like to link them better.
You suspect that complicated or unnecessary processes were implemented with the justification of a standard requirement and would like an independent assess-ment.
While the monitoring and recertification audits tend to be carried out on a random basis, during an inspection the ISMS is not only checked for standard conformity, but also whether there are any unnecessary regulations. In addition, problems that emerged only after the implementation of regulations and processes are scrutinized carefully.
What is the process of an ISMS inspection?
First, we perform a gap analysis in which we clarify the following questions:
- What does the standard require?
- How was the requirement implemented?
- Are there any overlaps with other existing management systems?
- What problems arise during the implementation or due to the overlap?
- When and how often do required processes take place?
Afterwards we analyze the audit reports of the internal audit and the minutes of the ISMS meetings. Based on our findings, we make recommendations for improving the ISMS and its processes.
Why should you choose abat AG?
abat offers you consulting services in this area so that information security can be pro-moted in your company and you are well equipped for certification and testing processes. Our consultants are licensed by DEKRA Certification GmbH as ISO 27001 auditors. Years of experience and regular training in this area ensure that we are guided by the current standards. Our goal is to inform you about dangers in IT or to prepare you opti-mally for an exam.
Free initial consultation to analyze your needs
In the first meeting you define your initial situation with us, and we clarify initial questions. This appointment is free for you and without obligation. Just call us at +49 421 4304 60 or write an e-mail to firstname.lastname@example.org.