ISO 27001

Planning and implementing ISO 27001 can be complex and time consuming. To be effective, your management system should be embedded within your day to day operations and processes. It is this cultural and business change that is often underestimated.

How we can help

Initial assessment / Gap Analysis: Our consultants will work to evaluate your current security posture and readiness. We can also provide you with a pathway towards achieving certification.

Implementation - Our team can provide the tools, documentation and expertise needed to fast track your organisation towards certification.


Working flexibly, in either a consultative or implementation role, allows us to work with a range of organisations regardless of size, expertise or resource.

We can help with all stages of planning and implementation including:

  • Establishing the context your organisation works within and interested parties.

  • Setting the scope and boundaries of your management system, ensuring its validity.

  • Undertaking and documenting risk assessments.

  • Creating your statement of applicability and justifying any exclusions. 

  • Implementation of controls – We can help with the selection and implementation of tools that will meet the requirements of the ISO 27002 Annex A. For example - policies, procedures and technical solutions.

  • Internal auditing – To ensure your ISMS is ready for external audit and certification.

  • Policies and procedures – We are able to create policies, procedures and other supporting documentation tailoring them to meet the requirements of your organisation.

Training - ISO 27001 is a standard that organisations must live with day to day once embedded. We can provide training and knowledge which will enable key staff to prepare, implement and sustain the management system in the long term.

Free initial consultation - Contact us