Compliance and Certification.

Whether you want compliance or certification, we can help

Information is a business-critical asset because it drives growth and forms the backbone of our company. But the security of that asset is often overlooked, which is why over 80% of security breaches come from within the organisation as a result of poor policy, procedures and staff awareness training.

That’s why organisations are exploring the benefits of complying or certifying to ISO/IEC 27001:2013. This standard provides a baseline minimum set of controls which cover the people, places and process requirements you need in order to provide staff, suppliers and customers with confidence in your data security. Certifying to the standard can give a real competitive edge in today’s technology-led environment and is increasingly being asked for as part of Government procurement evidence.

We have a proven track record in taking companies through the process to successful accreditation. But where our approach differs is that we don’t believe one size fits all. Every organisation has its own objectives and ways of working and we provide bespoke, proportionate solutions that meet your needs. And we don’t just do the work and walk away. We mentor staff through key aspects of the implementation to ensure they have the necessary skills to maintain the management system as the organisation grows and changes.

Our consultants are qualified ISO27001 Lead Auditors with many years’ experience of delivering information security services and implementing information security management systems.

ISO/IEC 27001:2013 consultancy services include:

  • Gap Analysis
  • Risk Assessment
  • Risk Remediation/Treatment Plans
  • Statement of Applicability (SOA)
  • Policy Development
  • Staff Awareness Training
  • Management Presentations
  • Pre-certification Audits

ISO/IEC 27001:2005 vs. ISO/IEC 27001:2013

Download our guidance document for ISO/IEC 27001:2005 vs. ISO/IEC 27001:2013

Need more information about ISO27001?