Carrying out audits of compliance with the requirements to establish, implement, maintain and continuously improve an information security management system in the context of the organisation, provided for in the technical standard ISO IEC 27001:2022 ‘Information security, cybersecurity and privacy protection – Information security management systems – Requirements’.

Type of audits carried out:

• First (1^) party internal audit against the client’s company.
• Second (2^) party external audit against the client company’s supplier.
• Third (3^) party external audit on behalf of the Certification Bodies accredited by Accreditation Bodies.

Applied methodology:

• Audits are carried out by professional experts taking as a reference the guidelines for auditing management systems UNI EN ISO 19011:2018 by means of specific check-lists. At the end of the activity, the “Audit Report” is drawn up, dated, reviewed and approved in accordance with the procedures of the audit programme and provided to the recepients of the commissioning company.