ISO 27001 Consultants

The internationally recognised standard for Information Security Management, ISO 27001.

Our ISO 27001 Consultants can support you through the implementation & certification process.

Buy the Standard
Gap Analysis
Implement
Internal Audits
ISO Certification

Not just IT security, ISO 27001 takes a business risk approach to all information assets of the organisation and creates a framework for managing threats to those assets.

Key Themes of Information Security Management

Risk Assessment & Risk Treatment

The ISO 27001 standard takes a risk management approach to information security and therefore requires the organisation to define a risk assessment methodology.

Generally we would help you align this to ISO 31000, the standard for risk management.

After assessing the threats to information assets, the standard provides 114 possible controls to apply, within Annex A.

Asset Management & Human Resources

Some of the controls in Annex A refer to the acceptable use of assets, classification of information and human resource processes such as screening and disciplinary policies.

We can help you define your organisation’s approach to these controls based on your existing arrangements.

Supplier Relationships

Another section of Annex A focuses on the organisation’s relationships with its suppliers, in particular those who have access to the organisation’s information.

We will help consider the risks associated with your suppliers and ensure suitable policies and procedures are in place to manage those risks.

Legal Compliance

ISO 27001 also requires consideration of legal and other requirements placed on the organisation, and this is becoming more relevant as Data Protection Laws are evolving across Europe, America and the world.

Our legal compliance audit can help you identify the legislation that’s applicable to your organisation, and measure how effectively you are meeting those obligations.

Network & Operational Controls

The organisation’s operational controls, in relation to information security, are also considered which includes Information Backup, Protection from Malware, User Logging & Monitoring.

In addition network controls including security of network services, segregation and information transfer are also considered.

Information Security Objectives & Continual Improvement

As with all management system standards, ISO 27001 looks for continual improvement of the system by setting measurable, achievable objectives which can be driven from the vulnerabilities identified in the risk assessment or more general business strategy.

External ISO 27001 Certification

Having your Information Security Management System certified by an external UKAS accredited assessment body publicly demonstrates your commitment to protecting your customers’ data and can give you a significant advantage when tendering for contracts.

We can help you choose a certification body and guide you through the process. 
Find out more About the ISO 27001 Certification Process.

ISO 27001 Consultants – How we can help

Assent Risk Management has ISO 27001 consultants who can help you implement an Information Security Management System and achieve certification.

Support
We will work with you to build a Management System that fits with your organisation, building on the good work you are already doing, and support improvements.

It’s Not All Paper Work

We are experienced in implementing Information Security Management Systems and can keep the paperwork to a minimum, ensuring you get maximum benefit from the ISO 27001 standard.

Our ISO 27001 Consultancy Clients

Free ISO 27001 Training

Access free ISO 27001 Training from our learning & development company Lorators.

ISO 27001 Training

Add-Ons for ISO 27001

You might also consider these standards in relation to ISO 27001:

ISO 27701

Privacy Information Management

ISO 27017

Cloud Security Controls

ISO 27018

Protection of PII in Public Clouds

ISO 22301

Business Continuity Management

ISO 31000

Risk Management Principles

ISO 20000

I.T Service Desk Management