The certification process is divided into two stages: the “Stage 1 Audit” and the “Stage 2 Audit”. The “Stage 1 Audit” consists of a documentation review. During Stage 1, the ISO 27001 assessor reviews policies and procedures to ensure that they are appropriate and in place to meet the requirements of the ISMS. The “Stage 2 Audit” consists of the ISO 27001 auditor performing tests of effectiveness to ensure that controls have been implemented to meet the requirements of the ISMS.
In addition to the Stage 1 and Stage 2 audits, the following must be performed to become ISO 27001 certified:
To combat these issues, organizations are outsourcing the internal audit requirement to CPA firms, such as Schneider Downs, that possess the appropriate knowledge of internal audit and ISO 27001.
We begin our assessment by working closely with you to understand your business processes and, from them, your ISO 27001 compliance scope. We will work with and interview key individuals within the business and information technology services who are responsible for implementing the ISO 27001 controls to understand information security policies, procedures, and practices. We will evaluate your compliance with all control requirements through review of documentation supporting the operating effectiveness of controls. When our evaluation is complete, we will provide your organization with a detailed ISO 27001 compliance assessment report outlining corrective action plans with a detailed roadmap for achieving ISO 27001 compliance.
Schneider Downs’ team of experienced risk advisory professionals focuses on collaborating with your organization to identify and effectively mitigate risks. Our goal is not only to understand the risks related to potential loss to the organization, but also to drive solutions that add value to your organization and to advise on opportunities to ensure minimal disruption to your business.
To learn more, visit our dedicated IT Risk Advisory page.
Schneider Downs is a Top 60 independent Certified Public Accounting (CPA) firm providing accounting, tax, audit and business advisory services to public and private companies, not-for-profit organizations and global companies. We also offer Internal Audit; Technology Consulting; Software Solutions; Personal Financial Services; Retirement Plan Solutions and Corporate Finance Services. Schneider Downs is the 13th largest accounting firm in the Mid-Atlantic region and serves individuals and companies in Pennsylvania (PA), Ohio (OH), West Virginia (WV), New York (NY), Maryland (MD), and additional states in the United States with offices in Pittsburgh, PA, Columbus, OH, and McLean, VA.
© 2024 Schneider Downs & Co., Inc. Maryland license number 35239.