Internal audits refer to systematic and independent assessments conducted within an organization to evaluate its Information Security Management System (ISMS) against the requirements of the ISO 27001 standard. These audits help identify areas of non-compliance, potential risks, and opportunities for improvement, ensuring ongoing effectiveness and compliance with the standard.
In scope of our ISMS, we set up an comprehensive and complete internal audit program, which contains all controls of the ISO27001 standards. Results of internal audits and corresponding measures are discussed by the quarterly risk committee and then managed according to defined actions plans and due dates.