ISO 27001
International Organization For Standardization
ISO 27001 is an international standard for information security management systems (ISMS). The standard provides a framework for managing an information security program, as well as a series of objectives and control activities to protect sensitive data and mitigate risk.
AssurancePoint offers the following ISO 27001 services:
- Independent internal audits designed to comply with clause 9.2 of the standard as well as streamline our clients’ external audit and certification
- Independent external audits to demonstrate your compliance with the ISO 27001 standard
Audit and Certification Process
Initial Contact:
Contact us via email, phone, or by completing our online service request form.
Needs Assessment:
A member of the AssurancePoint management team will reach out to understand your needs and expectations, ensuring we tailor our service details to meet your business requirements.
Service Proposal:
We will prepare a service proposal based on your specific needs. This is a no-obligation, free quote, providing technical details of the service and the investment required on your part.
Once you have reviewed and accepted the proposal, we will proceed with the certification process.
Stage 1 Audit:
The Stage 1 certification audit begins with a review of your company’s management system documentation, along with a site tour of your premises. This step allows our auditors to understand your business, assess the scope and scale of the management system, and determine readiness for the Stage 2 audit. We will work closely with you to resolve any gaps or issues identified.
Stage 2 Audit:
In Stage 2, we conduct the on-site audit (remote options are available), visiting your offices and operational sites to verify the effective implementation and compliance of your management system with relevant international standards. Following the audit, you will receive a detailed report outlining the findings, including any observations or gaps identified.
Certification Decision:
After the successful completion of the audit and resolution of any findings, we will apply our internal quality control procedures before issuing the certification decision, in line with the relevant standards. The issued certificate is valid for three years, during which ongoing compliance is required to maintain its validity.
Ongoing Surveillance Audits:
We will conduct annual surveillance audits throughout the certificate’s lifecycle to ensure continued compliance with the standard. These audits also help identify opportunities for improvement, allowing you to fully benefit from the management system and certification process.
Commitment to Impartiality
We commit to impartiality in all our assessments to ensure unbiased outcomes and to comply with standards established by ISO/IEC 17021.