What is this service?
A pre-certification audit is a high-level evaluation indicating where your company currently stands in compliance with specific standards (ISO 27001:2005, BS 25999 and ISO 20000) before the main certification audit. This audit is conducted under certification audit conditions, and non-conformances are identified for the client’s action. A pre-certification audit provides information as to how an organization’s current practices compare to the relevant certification requirements. It is suited to any organization, in any industry and of any size, that wants to evaluate the compliance of its management system against the applicable standard and to identify the major discrepancies and areas of improvement before the certification audit.
Why is this service required?
A pre-certification audit is required before an organization commits itself to a certification initiative. It is designed to gather as much information as possible on the current practices, systems and controls and identify any weaknesses or problems in the management system. It allows your organization to assess the degree of implementation and effectiveness of the Management System. The non-conformities can be identified and corrective actions can be chosen and implemented prior to the certification process. It also acts as a learning and evaluation tool for an organization to develop and enhance the management system.
Pre-requisites from the client
- A well-documented and implemented Information Security Management System.
- Established and documented processes, sub processes, policies, procedures, standards and guidelines.
- Top Management mandate for the Management System.
Customer Benefits
Some of the benefits that will accrue from a Pre-certification Audit are:
- It gives an invaluable experience of the certification process and provides a 'snap-shot' of the level of compliance of the management system to the standard.
- Identifying discrepancies between the existing management system and the requirements of the standard.
- Reduces risk of non-conformance during the actual certification audit.
- Effectiveness of the Management System
- An outside, objective view of your management system.
- Clarifying certain specific requirements of the standard.
- Working with an external auditor.
- Making the staff within the organisation aware of the audit practice.
- Help educate your management and staff on what is about to occur.
Paramount Service Delivery Process
Paramount follows a structured approach for the Pre-certification Audit, along the lines of an actual certification audit. Here the auditor conducts a review of compliance with the standard. Pre-certification assessments involve a detailed review of relevant documentation followed by a review of the relevant implementation of the standard.
Information Gathering
- Know if the organization complies with any specific international standard or self-developed organization-wide best practices, standards and guidelines.
- Understand the organizational processes, established company-specific security standards and frameworks, as well as approved best practices.
- Study the organizational infrastructure, financial and business processes, IT infrastructure and processes, etc.
Assessment
- Check the existing documentation of the management system for compliance against the requirements set by the standard.
- Check the existing implementation of the management system for compliance against what has been documented and the requirements set by the standard.
- Understand the deviations (gaps) from the baseline and scope for improvements.
- Evidence of compliance with standards, policies or best practices.
Documentation
- Documentation of information assessed and evidence where required.
- Provide a pre-certification audit report bringing out the existing and potential gaps and non-conformities.
- Provide recommendations for corrective action to close the gaps and non-conformities
Deliverables
- Pre-Certification Audit Report
- Recommendations Report for closing gaps and non-conformities.