+31 (0)73 - 220 2000 | info@brandcompliance.com
English
  • Dutch
  • English
  • Beglië
  • Dutch
  • English
  • Beglië
Brand Compliance
  • Certify
    • ISO 9001
    • ISO 22301 (BCM)
    • ISO 19770-1 (IT-assets)
    • ISO 27001
    • ISO 27017 and ISO 27018
    • BIO
    • ISO 27701 (Privacy)
    • NEN 7510
  • IT Assurance
    • SOC 2
  • Vacancies
  • Knowledge base
  • BC Academy
Contact
  • Information security
    • ISO 19770-1
    • ISO 27001
    • ISO 27017 and ISO 27018
    • ISO 27799
    • BIO
    • NEN 7510
    • SOC 2
    • ISAE 3402
  • Privacy
    • Whitepaper BC 5701
    • AVG standard BC 5701:2023 NL
    • GDPR standard BC 5701:2023 EN
    • GDPR standard BC 5701:2024 EN
    • BC 5701
    • ISO 27701
  • Quality
    • ISO 9001
    • ISO 14001
    • ISO 22301
  • Knowledge base
  • News
  • Academy
    • NIS2 training course
    • ISO 27001 training courses
    • BC 5701 training courses
  • About us
    • Start your certification journey
    • Accreditations
    • Compliment, complaint or tip
    • Privacy Statement
    • Vacancies
    • Contact

Certification process

10
  • Checklist certification
  • Do you have your first audit soon?
  • How long does ISO certification take?
  • What is a certification cycle?
  • Applying for a certification process
  • Initial audit Stage 1
  • Initial audit Stage 2
  • Nonconformities management system
  • Certificate suspended or revoked? This is how you solve it!
  • Transfer of certification

BC 5701

5
  • BC 5701 certification: where do you start?
  • Your record of processing activities and the GDPR
  • Your Data Protection Officer and the GDPR
  • Checklist for your BC 5701 certification
  • Data breach: What is it and how do you prevent it?

General

9
  • SOC 2 or ISAE 3402: which standard suits your organization?
  • The Traffic Light Protocol (TLP): what does it mean for you?
  • The Brand Compliance glossary
  • What is a management system?
  • Internal or external audit?
  • Find out more about internal audits
  • Tips to describe a proper scope
  • Accreditation versus certification
  • The use of certification logos

ISO 27001:2022

3
  • Operational Capabilities: The Backbone of Information Security
  • ISO 27001:2022 – FAQ transition
  • ISO 27001:2022 – Transition process

Whitepapers

2
  • Whitepaper management system audits
  • Whitepaper GDPR Certification Standard and Criteria BC 5701

Best practices

3
  • Mastering GDPR compliance: best practices
  • Excelling in information security: best practices
  • Quality Management: best practices for success

NEN 7510

4
  • Transition to NEN 7510-1:2024
  • NEN 7510 without healthcare institution?
  • How to expand with NEN 7510
  • The differences between ISO 27001 and NEN 7510

NIS2 Directive

2
  • NIS2 liability
  • NIS2 & the Belgian CyberFundamentals
View Categories

Initial audit Stage 1

2 min. leestijd

What are the main points of attention for an initial audit Stage 1?

You are about to start the certification process of a management system audit. In this article, we would like to share our practical experience with these audits, to provide you with optimal information about the certification process.

Initial audit Stage 1

The certification process and the audit cycle

Brand Compliance is an independent audit office that checks whether your organization meets the set standards. For example ISO 27001, ISO 27701, ISO 9001 and NEN 7510. We assess whether you have correctly applied the standard’s requirements and implemented it into your organization and whether you operate in accordance with your policy documents, processes, and procedures. If the result is positive, we will issue a certificate.

Management system certifications such as ISO 27001, ISO 27701, ISO 9001 and NEN 7510 consist of a cycle comprising three years. Each year we will conduct an audit at your organization. The cycle starts as soon as your organization has obtained a certificate for the first time.

In order to obtain a certificate for the first time, we conduct a so-called ‘initial audit’. The audit consists of two stages.

  • Stage 1 audit: during stage 1, we assess whether your organization is ready for stage 2, on the basis of the documented information in your management system and your knowledge and understanding of the requirements of the standard.
  • Stage 2 audit: during Stage 2, we assess the implementation and effectiveness of the management systems. Are all processes executed as described? Is the policy adhered to? Are employees aware of their contribution to the management system?

initial audit

Focal points in preparation for an initial audit Stage 1

We are happy to share the following focal points with you. These points are essential in your preparations for the certification process.

  1. Before planning the audit, determine that your organization has a functioning management system with the related processes and working methods.
  2. Ensure that you have integrated the management system processes into your organization’s processes so that they fit in with your business operations.
  3. In addition to the mandatory documented information ensure that you maintain sufficient documentation to demonstrate that you are carrying out the management system processes effectively.
  4. Document where you deviated from your – planned – processes due to circumstances.
  5. Be familiar with the standard’s requirements and make sure that your staff knows how they contribute to fulfilling these requirements. You and your employees are able to identify this in the interview with the auditor.
  6. You are familiar with the key performances of the management system and significant aspects, processes and objectives.
  7. You can explain the specific circumstances that apply to the site or the entire organization.
  8. You and your staff can clarify the scope of the management system, aimed at:
    1. The activities, products and services;
    2. The sites where these activities, products and services are performed;
    3. The processes that enable the execution of these activities, products and services;
    4. The assets required to carry out these processes.
  9. Ensure that the internal audit and management review have been fully completed prior to stage 1 of the initial audit.

Completion Stage 1

During stage 1, it was assessed whether your organization is ready for stage 2. During the closing meeting of the Stage 1 audit, the auditor will clarify any areas of concern in your management system that could lead to a nonconformity during stage 2. You can get started with this in time to start stage 2 well prepared. For this reason, it is essential to schedule sufficient time between the stage 1 and stage 2 audit.

Questions?

If you have any further questions regarding the stage 1 audit or other questions, you can contact us at any time via:

  • This field is for validation purposes and should be left unchanged.

 

Share This Article :
  • Facebook
  • X
  • LinkedIn
Updated on 20 March 2024
Initial audit Stage 2

Accreditation

RvA C548Brand Compliance B.V. has accreditation (C548) to certify ISO 27001, ISO 27701 NEN 7510 and ISO 9001 scope 33 information technology and 35 other services.

Brand Compliance B.V.

Hambakenwetering 8D2
5231 DC ‘s-Hertogenbosch

+31 (0)73 220 2000
info@brandcompliance.com

Chamber of Commerce nr.: 32101659
VAT nr.: NL8130.78.854.B01

Brand Compliance Belgie B.V.

Uitbreidingstraat 66
2600 Berchem (Antwerpen)

+32 (0)14 48 0730
be-info@brandcompliance.com

VAT nr.: BE0735.675.516

Brand Compliance Nordics AB

Vasagatan 16 2 TR
111 20 Stockholm

+31 (0)73 220 2015
info@brandcompliance.com

Org.nr: 559238-1387

© Copyright 2025 Brand Compliance