ISO27001 Accreditation and Preparedness

ISO27001 provides a framework for establishing, implementing, maintaining and continually improving an Information Security Management System (ISMS), a method to manage security controls and associated risks to your organisation.

Establishing an ISMS is a great way to manage information security processes to positively reduce the likelihood of a security breach occurring within your organisation.  Adopting a recognised framework can also assist you in winning new business, particularly if accredited, as it can be used to differentiate your organisation from your competitors by providing reassurance to new (and existing) customers that you take information and cyber security seriously. 

In the event of a breach, being able to demonstrate that your organisation has endeavoured to operate effective security controls and supporting processes will limit the possible sanctions and fines levied by regulatory bodies such as the Information Commissioner's Office, who can issue fines up to €20 million or up to 4% of the annual worldwide turnover of the preceding financial year per breach, under the General Data Protection Regulation (GDPR) for the breach of personal information.

How we can help

Our consultants hold both ISO27001 Implementer and Auditor certifications, which means that we can help you establish an Information Security Management System and assess your preparedness to achieve formal accreditation and maintain it. We can work with you to:

  • Write a business case for senior executives, which clearly articulates in non-technical language the value of establishing an Information Security Management System in order to obtain support for its implementation;

  • Articulate, by way of clear documentation, each of the steps required to implement and/or assess the effectiveness of your organisation's ISMS;

  • Lead you and your organisation in the development and implementation of required controls and processes including risk assessment;

  • Conduct an accreditation preparedness assessment, clearly articulating any identified deficiencies and associated remedial steps to obtain accreditation.

© 2018 - 2019 The Practical CISO All rights reserved.

The Practical CISO Limited

Registered in England and Wales at the above address. Number: 10243165

VAT Registration Number: 245365403
