A General audit provides an overall view of the level, effectiveness, and compliance of the company's IT processes.

Administrative security auditing gives an idea of ​​the maturity and effectiveness of security management. It can be used to assess the level of compliance and to anticipate possible shortcomings.

GAP audit assesses the ability of an organisation to meet the requirements of the standard and the workload to achieve the minimum level specified by the standard. After the audit, the organisation has an understanding of the work required for certification. Note! certification can only be given by an accredited body. This audit does not produce certification.

Supplier auditing supports the organisation in supplier quality, security, or compliance audits by participating in the development of the audit plan, surveying, and self-auditing, and reporting with the organisation. Audits provide insight into supplier risks and address the root causes of quality deviations.

Example frameworks that can be used for auditing purposes




(ISO31000, risk framework)