Description of the goods or services required
What is required?
Social Care Wales has held ISO 27001:2013 certification since 2008. We achieved our most recent triennial recertification in April 2021.
We are seeking to commission an internal audit service to support our ISO 27001:2013 compliance as set out below:
To conduct a phased, risk-based approach to the review consisting of:
- Audit of compliance with clauses 4 to 10 of the Standard being:
  - Context of the organisation
  - Leadership
  - Planning
  - Support
  - Operation
  - Performance evaluation
  - Improvement
- Audit of compliance with the 114 control objectives contained within the Standard
Terms of engagement
- We are advised by BSI, our certification body, that this phase should require an expected fieldwork duration of 3-4 days per annum, which would cover clauses 4-10 of the Standard and all 114 control objectives contained within the Standard
- Audit dates should be agreed with the client
- Draft report should be provided within 10 working days of the completion of the audit
- Final report should be issued within 10 working days of issuing the draft report
- Will follow through any external certification audit findings and remedial actions received by the client
See request for Quote for more information
NOTE: To register your interest in this notice and obtain any additional information please visit the Sell2Wales Web Site at https://www.sell2wales.gov.wales/Search/Search_Switch.aspx?ID=114567.
The buyer has indicated that it will accept electronic responses to this notice via the Postbox facility. A user guide is available at https://www.sell2wales.gov.wales/sitehelp/help_guides.aspx.
Suppliers are advised to allow adequate time for uploading documents and to dispatch the electronic response well in advance of the closing time to avoid any last minute problems.