Your auditor will typically take three days to complete the audit. This will be a combination of interviews with key individuals, reviews of documentation and sample checking.
You will receive a detailed audit report providing an assurance rating for each area, in addition to an executive summary that can be provided to your board. We aim to provide written reports to you within 10 working days of the audit commencing.
The report will explain areas of weakness and greatest risk, and identify areas of good practice. Prioritised recommendations will be highlighted to help you develop an action plan to address weaknesses and risks.
Our data protection and information security consultants can work with you to address any areas of non-compliance that we identify. We maintain strict Chinese walls between our audit and consultancy teams.