Internal ISO 27001 audits are a crucial part of the Information Security Management System (ISMS) implementation process. These audits are conducted by an organization's own internal auditors or a team of trained individuals to assess the effectiveness of their ISMS in ensuring the confidentiality, integrity, and availability of their information assets. At anDREa B.V. the internal audit is performed by an external party. The objective of internal ISO 27001 audits is to identify and evaluate any gaps, weaknesses, or non-conformities in the organization's ISMS, and to provide recommendations for improvement. This helps organizations to maintain the effectiveness of their ISMS and ensure compliance with the ISO 27001 standard. Internal audits are typically conducted at regular intervals to ensure continuous improvement of the ISMS.

Please find attached the internal audit management summary for 2023.