Your auditor will typically take three days to complete the audit. This will be a combination of interviews with key individuals, reviews of documentation and sample checking.
You will receive a detailed audit report providing an assurance rating for each area, in addition to an executive summary that can be provided to your board. We aim to provide written reports to you within 10 working days of the audit commencing.
The report will explain areas of weakness and greatest risk, and identify areas of good practice. Prioritised recommendations will be highlighted to help you develop an action plan to address weaknesses and risks.
Our data protection and information security consultants can work with you to address any areas of non-compliance that we identify. Our audit and consultancy teams are kept strictly independent from eachother to allow DQM GRC to give our customers the best service.