ISO 27001 is not for the faint hearted.

It’s big, brash and demands respect – and absolutely worth every ounce of effort!


ISO 27001 Implementer & Auditor

ISO 27001 certification demonstrates to your clients that you take information security seriously.

But how is information security achieved? By the implementation of applicable controls through a risk management process.

Your mitigation is managed via a framework of guidelines, policies, procedures, organisational structure and use of suitable hardware and software.

Trained by BSi, Jason can guide your 27001 implementation, or assist with internal or external audit provision.


CIA Triad

Confidentiality is the principle of ensuring that information is only made available to authorised individuals or entities. Integrity assures that information is trustworthy and accurate. Availability is the guarantee of access to information when required.

The CIA Triad comprises key principles that form the foundation of any ISMS.

SoA

Whilst Annex A of ISO 27001 details the 14 domains and 114 information security controls, it is the Statement of Applicability (SoA) that summarises your position with regard to each safeguard. The SoA justifies the inclusion and exclusion of Annex A controls, and also identifies whether each control is implemented. ISO 27001 requires that the SoA be retained as documented information.

Q&A

Q: It is said that ISO 27001 is far more complex than the likes of 9001, 14001 and 45001. Is the expense, time and resource required for certification actually worth it?

A: For certain businesses, certification is a commercial requirement. Third parties may not even entertain doing business with you if you do not have it. 



Benefits of ISO 27001

27001 is scalable for every business and the commercial benefits of a formal Information Security Management System include:

– Compliance with legal requirements;
– Competitive advantage (access to new markets);
– Better trained workforce;
– Customer and regulator confidence;
– Improved management control;
– Demonstrable information security provision.
