HSC
Network Security Consulting Agency Since 1989 - Specialized in Unix, Windows, TCP/IP and Internet
Text mode: access to the page content
Hervé Schauer Consultants
You are here: Home > Services > ISO 27001 certification audit training
Go to: HSC Trainings
Télécharger le catalogue des formations
Search:  
Version française
   Services   
o Skills & Expertise
o Consulting
o ISO 27001 services
o Audit & Assessment
o Penetration tests
o Vunerability assessment (TSAR)
o Forensics
o ARJEL
o Training courses
o E-learning
   Conferences   
o Agenda
o Past events
o Tutorials
   Resources   
o Thematic index
o Tips
o Lectures
o Courses
o Articles
o Tools (download)
o Vulnerability watch
   Company   
o Hervé Schauer
o Team
o Job opportunities
o Credentials
o History
o Partnerships
o Associations
   Press and
 communication
 
 
o HSC Newsletter
o Bulletin juridique HSC
o Press review
   Contacts   
o How to reach us
o Specific inquiries
o Directions to our office
o Hotels near our office
|>|ISO 27001 certification audit training  
blah Services
See also...
o Guidance service for ISO 27001 implementation
o ISO 27001 status overview
o General presentation of our ISO 27001 services
o HSC ethical and deontological guidelines

Objective of the service

To assist the customer in getting ready for the certification audit. For this, the HSC consultants use the exactly same approach and methods than the certification auditors. This service is a mock certification audit.

In which cases to select this service

You have implemented an Information Security Management System and you want to ensure that you are effectively ready before calling the certification auditors.

Results of the service

We deliver you two reports:

  • An audit report summaring every observed non-conformity and corrective/preventive actions that are proposed by the audited party. This report can be integrated by the customer in his ISMS as an outsourced internal audit report.
  • A advice report giving all recommendations that are to be taken into consideration before calling the certification auditors.

Detailled description

The consultants perform the audit of the ISMS in the same conditions as during a real certification. Consequently, they use the ISO 19011 approach which requires two well-defined steps:

  • First step: Documentation review
  • Second step: Main audit

First step: Documentation review

During this review, the HSC consultants look over the ISMS documentation, conforming to ISO 27001 chapter 4.3.1. A particular consideration is focused on the following documents:

  • ISMS policy
  • ISMS scope
  • Statement of Applicability (SoA)
  • Risk management procedure
  • Risk assessment report
  • Risk treatment plan
  • Etc.

Second step: Main audit

The HSC consultants audit each requirement of the ISO 27001 standard as they are implemented in the customer organisation. The objective is to ensure the compliance of the practice with the documentation.

Last modified on 5 February 2009 at 15:58:13 CET - webmaster@hsc.fr
Mentions légales - Information on this server - © 1989-2013 Hervé Schauer Consultants