Services

Internal audits, readiness checks, gap analysis

We work in a structured and transparent way. Deliverables include clear findings, a prioritized action plan, and a solid evidence base for ISO 27001 and/or TISAX.

Internal audits

Audit program, audit plan, interviews, sampling, document review, report, action tracking.

Optional: support for management review incl. metrics and effectiveness evaluation.

Certification readiness

Readiness assessment focusing on scope, governance, risk treatment, documentation, and evidence quality.

Goal: “audit-ready” with minimal surprises during certification/assessment.

Gap analysis

As-is/to-be mapping against requirements (ISO 27001:2022, Annex A / VDA ISA for TISAX).

Output: action plan with priorities, effort estimates, and ownership.

Delivery approach

1) Scoping & kick-off

Scope, sites/assets, interfaces, objectives, timeline, stakeholders.

2) Evidence & testing

Documentation, technical sampling, process evidence, effectiveness, nonconformities.

3) Findings & prioritization

Classification, root causes, quick wins, risk impact, management-friendly summary.

4) Remediation & follow-up

Tracking, effectiveness checks, preparation for external audits/assessments.

Contact: info@clavisconsult.com