Professional Documents
Culture Documents
AUDITS GUIDE
The audits and associated costs
needed to gain and maintain
ISO 27001 certi�ication
Audits Schedule
Once certi�ied, an ISO 27001 certi�ied Information Security Management System (ISMS)
must be audited annually to maintain certi�ication. Internal Audits must be done each year by
a third party, like Pivot Point Security, or internal personnel with an appropriate level of expertise
who has not been instrumental in building or running the ISMS. Objectivity is the key here.
...and so on
1 info@pivotpointsecurity.com
Audit Summaries
Often companies need help preparing for a Certi�ication Audit (from a company like Pivot
Point Security) and costs associated with certi�ication preparation from a third party range
from $35,000 to $70,000
2 info@pivotpointsecurity.com
Audit Summaries
3 info@pivotpointsecurity.com
Overall Costs
If you’re going to use an external resource (like Pivot Point Security) to prepare for your
Certi�ication Audit and subsequent Internal Audits, here is a year-by-year breakdown of the cost
ranges you can expect to achieve and maintain certi�ication:
2018
- Internal Audit performed by independent third party
Certi�ication Audit preparation and Internal - Surveillance Audit performed by certi�ication body
Audit = $35,000 to $70,000
Certi�ication Audit performed by certi�ication
body = $15,000 to $30,000 2019
2018 Total = $50,000 to $100,000 $9,000 to $20,000
$9,750 – $22,500
2020 2019 Total = $18,750 to $42,500
$9,000 to $20,000
$9,750 – $22,500
$9,000 to $20,000
Recerti�ication Audit performed by
certi�ication body = $15,000 – $30,000
2022
2021 Total = $24,000 to $50,000
$9,000 to $20,000
$9,750 – $22,500
$9,000 to $20,000
$9,750 – $22,500
2024
2019 Total = $18,750 to $42,500
$9,000 to $20,000
Recerti�ication Audit performed by
certi�ication body = $15,000 – $30,000
4 info@pivotpointsecurity.com
Have questions or need
more information?
info@pivotpointsecurity.com