SERVICES

ISO 27001 — Information Security Management Systems

Made to measure based on size, industry, and unique information security risks

Overview

Whether you're starting from scratch, getting ready for your first certification or upgrading a mature ISMS to the latest standard.

An ISMS that is effective in your organisation

With many years of information technology and information security experience, we can help you build a lightweight ISMS that understands your business model, ensures effective controls and works alongside the technologies you build and use.

Steps to ISO 27001:2022 certification

01

Gap Analysis and scoping

We conduct a comprehensive assessment of your current information security management system (ISMS) to identify gaps between your existing practices and ISO 27001 requirements.

This analysis covers key areas such as risk assessment, security policies, access control, incident management, and business continuity planning, tailored to the specific needs of SMEs.

02

ISMS Implementation

We can assist in developing and implementing an ISMS that aligns with ISO 27001 standards, focusing on practical and resource-efficient processes.

This includes co-creating necessary documentation, establishing security controls, and training your staff on new procedures.

03
Conducted by a certification body

Stage 1 Audit

An initial assessment by the certification body to review your ISMS documentation and evaluate your readiness for the full certification audit.

04
Conducted by a certification body

Stage 2 Audit (Certification)

A comprehensive audit to verify that your ISMS is fully operational and compliant with all ISO 27001 requirements.

Upon successful completion, your business will be recommended for ISO 27001 certification.

05

Continuous Improvement

We can provide ongoing support to maintain and improve your ISMS, ensuring continued compliance and effectiveness.

This includes regular internal audits, management reviews, and updates to address evolving security threats and business changes.

06

Internal Audit

We can help you set up and conduct an internal audit that suits your business, ensuring your ISMS is functioning effectively and in compliance with ISO 27001 requirements.

What we offer

ISO 27001:2022 Gap Analysis

IRCA Qualified 27001 Lead Auditor

A gap analysis is an in-depth method to understand where your business stands in relation to ISO 27001, and what you need to do to get to certification.

£3,750 | One-time | Best value
  • RAG report
  • Existing controls evaluated
  • Actionable outcomes
  • A basis for implementation

*Based on a typical SME, conducted remotely at one site over 3.5 days.

ISMS Implementation

IRCA Qualified 27001 Lead Auditor

If you're ready to implement your ISMS, we can help you build a system that works for your business, and is ready for certification.

POA

What we can offer:

  • Fully integrated ISMS
  • Processes developed to gain and maintain certification
  • Processes that match business scale and objectives
  • End-to-end management, or
  • Act as SME to support
  • We can join your existing team, or bring our own
  • Audit management
  • Negotiable timescale

Why ISO 27001:2022?

Starting your ISO 27001 journey for a tender, or just looking to scale your business with a competitive advantage?

Either way – implementing ISO 27001:2022, the International Standard for Information Security Management, can bring a number of benefits to organisations — maturing and growing with the company as it scales.

Certification demonstrates your commitment to information security, and can be used as a competitive advantage when adopted early. By improving internal processes and structure, ISO 27001 encourages a culture of security awareness, leading to more resilient and successful companies and products.