ISO 27001

What is ISO 27001?

ISO 27001 is an internationally recognised standard offering a comprehensive set of controls, providing best practices within information security thus enabling an organisation to manage its information security. 

The safeguarding of information is critical in today’s world. Certification to the security standards offer both clients and suppliers the confidence to trust an organisation with the safekeeping of their information. In addition, more and more companies now see certification to ISO 27001 as a prerequisite for doing business.

Our consultants hold the BSI ISO 27001 Lead Auditor qualification and are experts in providing guidance to achieve certification.

Why do you need an ISO 27001 certification?

ISO 27001 clearly demonstrates an organisation’s commitment in managing information security, minimises risks to the company by ensuring the necessary controls are in place to reduce the risk of security threats and prevents potential weaknesses being exploited. In a market which is proving more and more competitive, ISO 27001 provides a competitive edge by meeting contractual requirements and demonstrating to clients that the security of their information is paramount.

Key features of this service

  • Implementation of an ISMS tailored to suit your organisation
  • Identification and documentation of the certification scope
  • Track record of successful client certifications
  • Gap analysis to assess compliance and highlight deficiencies
  • Conduct internal audits to check compliance
  • Production of Information Security Management System
  • Production of supporting policies, processes and procedures
  • Alignment to ISO/IEC 27017, 27018 controls for cloud services
  • Management of the certification process

Benefits

  • Assurance of readiness for accredited certification quickly and cost-effectively
  • Advice and guidance provided in compliant with latest industry best practice
  • Identification of appropriate and proportionate security controls
  • Management/Board level briefings provided
  • Access to Lead and Practitioner level certified specialists
  • Access to accredited certification bodies (such as BSI)
  • Service provided by ISO 27001 certified supplier
  • Compliance to ISO/IEC 27018 protection of personally identifiable information
  • Knowledge transfer and training services
  • Access to a team of highly experienced information security specialists

 

For more information please contact us.

Download Thames Security Shredding Case Study
Download the ISO 27001:2022 Transition Guide
Scroll to Top