Internal & GAP audits for ISO 27001 and ISO 9001
Internal and GAP audits for ISO 27001 and ISO 9001 performed in line with ISO 19011 by IRCA-certified lead auditors with hands-on experience in IT and cybersecurity.
- ISO 19011 audit methodology
- IRCA-certified lead auditors
- CCSK (Cloud Security Alliance)
- Evidence-based, risk-based audit approach
- Experience with EU and non-EU clients
- 6+ years hands-on IT & cybersecurity experience
- 100% remote audit delivery model
Focused internal and GAP audits with evidence-based findings and actionable outputs.
Assessment of your ISMS against applicable clauses and controls (Annex A), focusing on risk management, effectiveness and conformity.
Process-oriented audit of QMS: risks, KPIs, management controls and consistent implementation.
Audits and gap reviews aligned to ISO/IEC 27017, ISO/IEC 27018 and ISO/IEC 27701 supported by CCSK capability.
Audits are performed in line with ISO 19011 using an independent, objective approach focused on real system effectiveness.
Scope boundaries, processes/systems and applicable requirements.
Plan, schedule, sampling and pre-audit evidence list.
Interviews, record review and control testing.
NC / OFI with traceability to clauses/controls and evidence.
Structured report with assessment, findings and recommendations.
CAPA guidance and closure verification (as agreed).
- Clear audit criteria (clause/control → test → evidence)
- Full traceability (audit trail)
- Report with findings (NC / OFI) and evidence
- Practical recommendations and CAPA guidance
- Independent and objective assessment
- IRCA-certified lead auditors
- 6+ years IT and cybersecurity experience
- Hands-on internal and external audit exposure
- CCSK capability for cloud environments
- EU and non-EU client experience
- Minimal operational disruption
These are internal and GAP audits with a consulting nature and do not represent a certification audit or the activity of a certification body.
Share scope and objective — we’ll return a plan, estimated timeline and a quote.