Internal Audit for ISO 27001:2013 standards
An ISO 27001 Gap Assessment is considered an internal audit and is performed to measure an organizations conformance or non-conformance to the ISO 27001:2013 standards auditable requirements for an Information Security Management System (ISMS).
Our Gap Assessment is a specialized product and service that was designed to provide Executive Management with a high level overview, business case and project plan for remediation. It also provides the information security department with a detailed low-level overview of ISO 27001 requirements vs evidences of conformity. The deliverables are used to identify gaps, establish a project plan and create a business case for the executive management team.