We can fast track your implementation and save you time, effort and money in the process
We typically start from scratch with our customers, reviewing how they operate, what baseline policies and procedures are in place, and how this would ideally align to the requirements of ISO27001. This initial piece of work is necessary to establish the gap between current operational practices and those required prior to formal certification.
Once the scope has been established, we then work with our customers over a period of months to build the necessary controls and implement them within their organisation. This is then followed by a pre-certification audit to ensure that our customer is ready for formal certification.
The benefits of working with us
One of the key benefits of working with us is that we use our experience and expertise to fast track the implementation and remove a lot of the perceived difficulty associated with achieving the standard.
Our services include:
- Providing an initial gap analysis. This will give you the information you need to understand the time, effort and ultimately the cost of becoming certified.
- Implementation services. We work with your internal team to implement the range of controls required to achieve the standard.
- Internal auditing. We can operate as an outsourced internal auditing function. This will satisfy your internal auditing requirements and ensure that you are well prepared for your next external audit or re-certification audit.
- Transition to the new 2022 standard. We can provide the necessary support, advice and guidance needed to ensure that your transition to the new version is straightforward.
- Training services. We can provide bespoke training services for any of your ISO27001 requirements.
We provide a wide range of ISO27001 services
Our services are designed to enable your organisation to succeed in achieving and maintaining the standard.
We review your current status and assess the time, effort and tooling required to achieve the standard.
Usually takes between one and two days to complete.
We provide skilled and experienced resources to implement the ISO27001 standard.
A typical implementation takes between 4 and 8 months.
Our highly trained auditors provide the internal auditing function to maintain the standard.
Audit findings are documented and recommendations explained.
Our auditors can provide you with a detailed external audit to prepare you for re-certification.
Usually takes between one and two days to complete.
Transition to new version
We can help you transition to the 2022 version of ISO27001 in a matter of a few days.
A typical transition can be done over 5 working days.
We design specific online training for your staff to ensure that you can maintain the standard.
Training is online, on demand and accessible from any device.
How to achieve an ISO27001 certification
Becoming ISO27001 certified need not be difficult, cost a great deal or take years to complete.
Data Privacy Services are experienced in implementing ISO27001 for our customers.
We are highly skilled in pragmatically applying the standard to many types of organisations and managing their compliance journey to the point of certification.
The first step is to understand the effort and scope of work to achieve the standard.
Most organisations already have some controls in place to manage the security of their information.
However, prior to starting an ISO27001 implementation, it is important to review and understand the current status and how this relates to the requirements of the standard.
We complete an initial review, document the key areas of compliance and address how to fill the gaps in what’s required to become certified. This enables us to not only provide an accurate quotation for the implementation but also allows our customers to ascertain the scope and size of the task ahead.
We need to establish the building blocks of compliance.
ISO27001 requires a complete review of all information assets that the organisation uses in its operational activities.
The standard also requires an in-depth risk assessment of how those assets are secured. This risk assessment is vital in determining how to establish the necessary controls needed to ensure the safety of information.
These key activities feed directly into the establishment of a Statement of Applicability (SoA) document that outlines how the organisation will implement the necessary controls to adhere to the standard.
Build your information security management system (ISMS).
Data Privacy Services possess the necessary ISO27001 templates needed to fast-track the implementation of the documentation needed for the Information Security Management System (ISMS).
Typically, it can take months to put this documentation into place and implement the controls stated within them. Our templates allow our customers to speed up the process, using our experience to tailor them specifically for the organisation.
We then advise our customers about how to effectively manage the implementation of the ISMS within their operational day-to-day activities.
We directly support customers to prepare for their ISO 27001 certification.
Most organisations will take approximately 6 months from their initial review to the point where they can become certified. This can vary depending upon the size and complexity of their Information Security Management System (ISMS).
After we have worked with our customers to prepare the ISMS and monitor its ongoing adoption, we then prepare them for their certification. The key stage is to complete a pre-certification audit, reviewing their controls and ensuring that any final issues are addressed prior to booking their certification.
We can also be on hand to work with the external certification service provider and answer any queries they may have during the certification process.
Data Privacy Services provide many training courses for ISO27001. These include basic, entry-level foundation courses all the way through to Lead Implementer qualifications.
ISO/IEC 27001 Certified ISMS Foundation is a structured, technology-neutral specification and code of practice for Information Security Management in organisations of all sizes, which is not vendor dependent.
The ISO/IEC 27001 Certified ISMS Lead Auditor online training course will not only cover the accepted principles of auditing, but will also give you a detailed understanding of audit methodology as well as many other skills required to complete audits.
The fully accredited ISO/IEC 27001 Certified ISMS Lead Implementer online training course covers all 9 of the key steps involved in planning, implementing and maintaining an Information Security Management System.
Why choose Data Privacy Services?
The core benefits of engaging Data Privacy Services are as follows:
Pragmatism is vital for a successful implementation.