ISO27001

Information security consultancy for compliance and certification.

We are Information Security Consultants and specialise in ISO 27001 (ISO/IEC 27001). Whether you want compliance or certification, we can help.

Information is a business-critical asset because it drives growth and forms the backbone of our company. But the security of that asset is often overlooked, which is why over 80% of security breaches come from within the organisation as a result of poor policy, procedures and staff awareness training.

That’s why organisations are exploring the benefits of complying with or certifying to ISO/IEC 27001. This standard provides a baseline minimum set of controls which cover the people, places and process requirements you need in order to provide staff, suppliers and customers with confidence in your data security. Certifying to the standard can give a real competitive edge in today’s technology-led environment and is increasingly being asked for as part of Government procurement evidence.

In 2022, ISO 27002 received its latest update, replacing the previous iteration dating from 2013. The update brings the standard up to date with the ever-changing technological world. A lot has changed in the last 9 years, particularly in technology and in how we need to protect the confidentiality, integrity, and availability of information against ever-evolving threat actors and the tools they use.


We have a proven track record in taking companies through the process to successful accreditation. But where our approach differs is that we don’t believe one size fits all. Every organisation has its own objectives and ways of working and we provide bespoke, proportionate solutions that meet your needs. And we don’t just do the work and walk away. We mentor staff through key aspects of the implementation to ensure they have the necessary skills to maintain the management system as the organisation grows and changes.

Our consultants are qualified ISO27001 Lead Auditors with many years’ experience of delivering information security services and implementing information security management systems.

ISO/IEC 27001 consultancy services include:

  • Gap Analysis
  • Risk Assessment
  • Risk Remediation/Treatment Plans
  • Statement of Applicability (SOA)
  • Policy Development
  • Staff Awareness Training
  • Management Presentations
  • Pre-certification Audits
