Certification against ISO27001 demonstrates compliance with the Information Security Management Standard ISO 27001. It demonstrates that your organisation has processes and systems in place to store, maintain and manage information in compliance with the Standard.
Many organisations work towards the ISO 27001 Information Security Management Standard without choosing to be certified as the processes you go through in assessment and compliance are often sufficient for management to see the benefit.
Achieving ISO27001 Certification
The first step to achieving ISO 27001 Certification is to undertake a thorough audit of your current position and assess the risks faced. Our ISO 27001 benchmark survey report will provide an initial assessment against the Standard and provide pointers on how to move forward.
If you wish to proceed towards ISO27001 registration with a premier certification body such as BSI or SGS (all UKAS approved) our consultancy team can provide full support through the process including:
- Full ISO27001 Lead Audit, conducted by our 27001 Lead Audit team. This is to verify compliance of our operations to the Standard.
- Production a report detailing non-conformity and possible remedy solutions
- Examination further training needs
- Liaison with your selected certification body on assessment criteria
- Assistance with your first management review meeting
- Assistance with security key-performance measures
- Review of business continuity arrangements
- There are many certification bodies in the UK but a relatively small number are UKAS approved. Their leaflet Why risk it all (opens a PDF) explains why it’s important to use an independent accredited body.
For advice on ISO 27001, support in implementing the Standards and progression to assessment and certification contact LayerTec 0121 288 2400