The ISO/IEC 27001 standard requires the periodic verification of any information security measures adopted. The image of the current state in relation to the standard is referred to as the Gap Analysis, and it’s a required step for every company to obtain ISO/IEC 27001 certification.
Canopo Audit can be used to perform this audit quickly, in a streamlined and highly efficient way. This utilisation scenario involves the following steps:
- create ISO/IEC 27001 Gap Analysis questionnaire;
- enter company data;
- apply the audit, and create a periodic execution plan (annual for example);
- audit compilation by the auditor;
- add all the non-conformities in a company remediation plan.
- verify results using an analysis report and gap graph (an example of the analysis dashboard