ISO 27001

Guaranteed compliance and certification for the world’s most widely adopted information security standard.

What is ISO 27001?

ISO 27001 is an internationally recognized Information Security Management System (ISMS). The ISO 27001 ISMS acts as a framework that organisations can use to implement policies, procedures and controls in order to protect the confidentiality, integrity and availability of their data and key business assets.

What are the benefits of 27001?

Protect your important data and assets.

Demonstrate your commitment to security to your clients and potential clients.

Demonstrate compliance with the General Data Protection Regulation and the Data Protection Act 2018.

Win new contracts.

Gap Analysis

Some organisations choose to assess their current standing in line with ISO 27001 prior to committing to a full implementation. This enables you to identify gaps and potential costs that will arise out of the project. Our Gap Assessment Service will assess your organization against the requirements of ISO 27001, highlighting any relevant gaps and enabling you to forecast potential costs. Information obtained during this exercise can also be used during the full implementation.

ISO 27001 Implementation & Certification

Unlike most ISO 27001 consultancies, we provide you with both information security and management system expertise to ensure that you get the most out of your ISO 27001 implementation. Alongside our partner Episode, we deliver bespoke end-to-end implementations of ISO 27001 management systems, tailored to our customers and their requirements, guaranteeing certification.

What are the key stages of an ISO 27001 Implementation?

ISO 27001 includes a number of steps that can be broken down into smaller categories. Here we have broken an implementation down into 10 key areas to give you an idea of what the overall path to certification looks like.

  1. Understand the context of the business and define the scope and objectives of the ISMS.
  2. Establish key stakeholders and interested parties, outlining roles and responsibilities.
  3. Start to build the management system by writing key documentation.
  4. Identify all in-scope assets and perform a risk assessment.
  5. Review the identified risks and treat them using the 114 controls listed in Annex A or others if applicable.
  6. Complete all documentation for the system including policies and procedures.
  7. Deliver security training throughout implementation to ensure there is awareness throughout your organisation.
  8. Once happy, appoint a certification body to perform the certification audit.
  9. Continue to utilize and update the system.
  10. Facilitate annual reviews from the certification body.