ISO 27001 Internal Audit Service

SKU: 4785
Format: (Year 1)
Availability: Always Available

Outsource your internal audit to a qualified auditor with deep experience of ISO 27001 and the audit process, and gain the assurance you need to ensure you meet your clients’ and stakeholders’ demands.

This service consists of two separate audit days spread over one year.

“I worked with Sharon O’Reilly in different business industries, implementing both ISO 9001 and ISO 27001. She made compliance with the standards easy to understand, simple to follow and, most importantly, an integral part of the business processes. Furthermore, Sharon’s consultancy and expert advice with regards to the EU GDPR was and continues to be invaluable to ensuring continuous company compliance with all applicable data protection regulations.” - Ramona Patton Risk and Compliance Manager/DPO - Savills

Buy now, pay later! Enjoy the benefits of paying by purchase order with an IT Governance corporate account. Apply online today or call our service centre team on 00 800 48 484 484.

COVID-19: remote delivery options

We would like to reassure our clients that all training and consultancy services will go ahead as scheduled during the current COVID-19 situation. As a company that fully embraces flexible and remote working, we are adjusting our delivery methods to allow us to provide consultancy services, penetration tests and training remotely where necessary. Please also refer to our COVID-19 policy.

For more information about this service or to get a tailored quote for your organisation, please enquire below and one of our experts will be in touch shortly.

Remove the guesswork from your ISO 27001 audits with an experienced auditor on your side

Implementing an ISO 27001-compliant ISMS requires ongoing maintenance and review to meet the Standard’s requirements in clauses 8 and 9. The internal audit is an essential element of this process, which must be carried out as described in clause 9.2 of ISO 27001, and should be conducted at planned intervals.

Without the experience of a seasoned audit professional, the internal audit can be challenging to undertake, especially when the organisation is new to ISO 27001.

Get a specialist on board to conduct your internal audit and leave all the checking and verification to us.

Our auditors are qualified and experienced lead auditors, with both knowledge of current audit practices and practical implementation experience, enabling you to benefit from additional remediation advice.

You will receive a detailed audit report highlighting any nonconformities identified, which will help you meet the Standard’s requirements for an objective and impartial audit process. The report will provide the required assurance as to whether the ISMS continues to conform to management’s requirements and to those of ISO 27001.

What is covered by this service?

  • Audit day one: audit of conformance to requirements in clauses 4-10 of ISO 27001:2013;
  • Audit day two: audit of selected ISMS controls and control effectiveness.

Your internal audit will include the following:

  1. Document review;
  2. Follow-up – a review of whether all the corrective actions raised during any previous audits have been closed;
  3. Organisational ‘walk-through’ to observe the implementation of management system requirements;
  4. Interviews with relevant staff;
  5. The production of an internal audit report, ready for management review, which presents a summary of all the nonconformities found.


The price is applicable for SMEs with up to 50 employees, based upon a single main site. Minor additional sites may be included in the scope of the audit; however, no visit to other sites will take place. For larger organisations, please contact us for a custom quote by emailing

Consultant expenses related to travelling, etc. are not included in the price.

Discounts for multi-year audits only apply when a two- or three-year contract is agreed at the purchase of the first test; discounts cannot be backdated.

The service fee will be invoiced annually (in the year of the audit). An invoice will be issued 28 days before the first planned audit in the year.

Speak to an ISO 27001 expert today

Get in touch with one of our qualified ISO 27001 specialists for free practical advice on the ISO 27001 internal audit process.

If you are not eligible for the quoted service, please contact us to discuss your requirements and we will provide a quote based on your specific needs.
