ISO 27001 Internal Audit Service

SKU: 4785
Format: (1 year)

Outsource your internal audit to a qualified auditor with deep experience of ISO 27001 and the audit process, and gain the assurance you need to ensure you meet your clients’ and stakeholders’ demands.

This service consists of two separate audit days spread over one year.

Please note, the price quoted is for SMEs with up to 50 employees, based upon a single main site in mainland UK. If you have specific requirements, please contact us for a personalised quote.

COVID-19: remote delivery options

We would like to reassure our clients that all training and consultancy services will go ahead as scheduled during the current COVID-19 situation. As a company that fully embraces flexible and remote working, we are adjusting our delivery methods to allow us to provide consultancy services, penetration tests and training remotely where necessary. Please also refer to our COVID-19 policy.

Buy now, pay later! Enjoy the benefits of paying by purchase order with an IT Governance corporate account. Apply online today or call our service centre team on +44 (0)333 800 7000.

For more information about this service or to get a tailored quote for your organisation, please enquire below and one of our experts will be in touch shortly.

Remove the guesswork from your ISO 27001 audits with an experienced auditor on your side

Implementing an ISO 27001-compliant ISMS requires ongoing maintenance and review to meet the Standard’s requirements in clauses 8 and 9. The internal audit is an essential element of this process, which must be carried out as described in clause 9.2 of ISO 27001, and should be conducted at planned intervals.

Without the experience of a seasoned audit professional, the internal audit can be challenging to undertake, especially when the organisation is new to ISO 27001.

Get a specialist on board to conduct your internal audit and leave all the checking and verification to us.

Our auditors are qualified and experienced lead auditors, with both knowledge of current audit practices and practical implementation experience, enabling you to benefit from additional remediation advice.

You will receive a detailed audit report highlighting any nonconformities identified, which will help you meet the Standard’s requirements for an objective and impartial audit process. The report will provide the required assurance as to whether the ISMS continues to conform to management’s requirements and to those of ISO 27001.

See what our customers think about this service

"We are happy with the audit services, they’re always delivered professionally, especially the interviews conducted by our consultants. We have had no issues."

- Anonymous


"We've been using IT Governance for the entirety of our Internal Audits and are very satisfied. We have had the same consultant for a few years, Max Cartwright; he has been absolutely stellar."

- Anonymous

What's included?

What does this service cover?

  • Audit day one: audit of conformance to requirements in clauses 4-10 of ISO 27001;
  • Audit day two: audit of selected ISMS controls and control effectiveness.

Your internal audit will include the following:

  1. Document review;
  2. Follow-up – a review of whether all the corrective actions raised during any previous audits have been closed;
  3. Organisational ‘walk-through’ to observe the implementation of management system requirements;
  4. Interviews with relevant staff;
  5. The production of an internal audit report, ready for management review, which presents a summary of all the nonconformities found.

  • The price is applicable for SMEs with up to 50 employees, based upon a single main site.
  • Minor, additional sites may be included in the scope of the audit; however, no visit to other sites will take place. For larger organisations, please contact us for a custom quote.
  • If your business is located outside mainland UK (England, Scotland and Wales), additional expenses will be charged to accommodate our consultant’s travel for the on-site assessment.
  • Discounts for multi-year audits only apply when a two- or three-year contract is agreed at the purchase of the first test; discounts cannot be backdated.
  • The service fee will be invoiced annually (in the year of the audit). An invoice will be issued 28 days before the first planned audit in the year.

Speak to an ISO 27001 expert today

Get in touch with one of our qualified ISO 27001 specialists for free practical advice on the ISO 27001 internal audit process.

If you are not eligible for the quoted service, please contact us to discuss your requirements and we will provide a quote based on your specific needs.

Customer Reviews

(5.00) stars out of 5
Number of reviews: 2
1. on 14/06/2023, said:
5 stars out of 5
Really great audit, very similar to the accreditation audit so feel like it prepared us for the real thing!
2. on 16/06/2022, said:
5 stars out of 5
Georgina was a breath of fresh air in the ISO27001 world. Her enthusiasm and natural curiosity made for a great internal audit that ticked all the boxes.