+44 (0) 114 330 9800


Stage 1 - Identification

We check for the presence of essential policy and procedure documents which would be required to achieve certification for a standard, such as ISO27001.

More Info

Stage 2 - Assessment

We will assess the effectiveness of organisations policies and procedures to see if they deliver the desired outcome. It also checks to see if the policies and procedures are adhered to by employees.

More Info

Stage 3 - Treatment

We can help businesses create, improve and promote policies and procedures. It resolves issues such as missing policies, ineffective processes or lack of policy awareness amongst employees.

More Info


Our auditing service focusses on identifying, assessing and treating issues contained within an organisations documented policies and procedures. The audits can be completed against a specific standard such as ISO27001 or can be more general and assess how well the policies and procedures perform against risks specific to an individual business. As with all of our services, stages can be purchased individually or together. If you have a preferred IT provider, consultant or in-house team which can already perform some stages but not others; we are more than happy to adapt the service to suit your requirements.


For pricing, booking and further queries please contact us:
Call: 0114 330 9800 (Option 2) or E-mail: info@kilco-iss.com

Stage 1 – Identification

A Stage 1 audit aims to identify which policy documents are present and which are required for compliance with a certain standard such as ISO27001. This is commonly referred to as a documentation review. After the audit, the customer will be presented with a clear list showing which policies are in place and which are missing; allowing an organisation to fill in their documentation gaps.

Stage 2 – Assessment

Stage 2 audits assess the effectiveness of an organisations policies and procedures to achieve the desired outcome. It focuses on whether the policies and procedures are designed and operated in a way which is suitable to meet the organisations information security and business objectives. We will check to see if procedures are repeatable, measurable and subject to a continual improvement regime, but also how consistently these processes are being adhered to throughout the organisation. After the audit, the customer will be presented with a report that identifies and explains which processes and policies were found to be ineffective or unestablished within an organisation. In addition to the report, our auditors will explain the results of the audit in a clear and understandable format so the organisation knows what needs to be done to address any ineffective policies or procedures.

Stage 3 – Treatment

The Stage 3 audit service is where our auditing role transforms into a consultancy role. We will work with an organisation and give advice to help them address issues found in a Stage 1 or Stage 2 audit. This may involve Kilco re-writing the policies, assisting the organisations policy makers or helping promote policies and procedures throughout the organisation.