What is an ISO 27001 Gap Assessment?
An ISO 27001 Gap Assessment is considered an internal audit and is performed to measure an organization's conformance or non-conformance to the ISO 27001:2013 standard's auditable requirements for an Information Security Management System (ISMS).
SecuraStar’s ISO 27001 Gap Assessment
Our Gap Assessment is a specialized product and service designed to provide Executive Management with a high-level overview, business case and project plan for remediation. It also provides the information security department with a detailed low-level overview of ISO 27001 requirements versus evidence of conformity. The deliverables are used to identify gaps, establish a project plan and create a business case for the executive management team.
ISO 27001 Gap Assessment deliverables:
- Section 4-10 Assessment
- Annex A Control Maturity Assessment
- Executive Summary Report
- ISO 27001 Framework Diagram with Gaps
- ISO 27001 Project Plan
- ISO 27001 Scope