Information Security Management System (ISMS) Audit

We conduct ISMS audit to minimize risk and ensure business continuity by pro-actively limiting the impact of a security breach. ISMS audit demonstrates any company’s approach towards information security and privacy. In ISMS audit, our set of deliverables are as follows:

Documentation review

This is a review of company’s policies, procedures, standards, and guidance documentation to ensure that it is fit for purpose and is being reviewed and maintained

Evidential audit

This is an audit activity that actively samples evidence to show that policies are being complied with, that procedures and standards are being followed, and that guidance is being considered


Apart from the documentation review and/or evidential sampling, our team assesses and analyses the findings to confirm if the standard requirements are being met

Audit report

An audit report is also formally prepared and submitted adhering to the industry best standards

The purpose of this activity is to review the IT infrastructure for gap analysis. We conduct a project kick-off session, approximately one business day in length, at a mutually agreeable time at CLIENT designated office (“Kickoff Meeting”). This session is conducted between the client’s point of contact and the designated team to:

  • Identify security controls in-scope departments that include application, network, and operating system access control.
  • Analyze all relevant policies and SOP documents, network diagrams, applications, systems, network equipment and list of controls, identification of assets in scope of gap analysis.