Audit guidance

Audit guidance company

Although we do not issue certificates, our team of ISO 27001 certified consultants can help you prepare for an ISO audit. Moreover, we are well placed to give you an in-depth insight into your current security level. SpotIT follows a pragmatic approach for audit guidance. An audit report should therefore lead to a tangible action plan to improve your information security.

Written Information Security Plan (WISP)

For SpotIT, a security policy is a matter of common sense and the right technology. With regard to the latter, we opt for a combination of a COBIT framework (Control Objective for Information and Related Technology) with a number of legal standards (ISO, SOX, NIST, etc.). This is how we arrive at an achievable security policy tailored to your company.

COBIT enables us to compare the maturity of your organization’s information security with companies in your sector and with your own objectives. This allows us to draw up an Information Security Action Plan (ISAP) to increase the maturity of your organization’s information security.

We combine this ISAP with your legally required standards for drawing up a Written Information Security Plan (WISP). The WISP not only contains your security policy, but also helps your employees to comply with this policy by giving them all the information they need for this: practical examples, templates for reporting incidents, etc.

swoosh top grey

Time to talk?


Do you want to know how your security and network are doing?

With an in-depth audit we map out your security challenges and your entire network.