Your auditor will typically take three days to complete the audit. This will be a combination of interviews with key individuals, documentation reviews and sample checking.
You will receive a detailed audit report giving an assurance rating for each area and an executive summary that can be provided to your board. We aim to provide written reports within ten working days of the audit commencing.
The report will explain areas of weakness and most significant risk, and identify areas of good practice. Prioritised recommendations will be highlighted to help you develop an action plan to address weaknesses and risks.
Our data protection and information security consultants can work with you to address any areas of non-compliance that we identify. Our audit and consultancy teams are kept strictly independent to allow DQM GRC to give our customers the best service.