What is ISO 27001?

ISO/IEC 27001:2013 is the recognised international standard for Information Security Management. In today's world of digital commerce, any business, large or small, should ensure that it has an information security procedure in place.

What are the requirements to obtain ISO 27001 certification?

There are several steps that an organisation will need to take for implementation of this cyber security management system. These steps include (but are not limited to):

  • Planning – Ask yourself what the standard will do for your business and how it will improve your current way of working. What are the objectives of implementing the standard? Treat this certification as its own project.
  • Documentation – Define a security management system roadmap that will help you ensure that this project is progressing correctly. Document requirements for risk assessment and treatment.
  • Education – Your business team members should all be on board and aware that this project is taking place; it is not just for the IT department to be involved with.
  • Ownership – Document and communicate the roles and responsibilities for all involved in the system.
  • Control – To be fully compliant with ISO 27001, a company must list all the controls that are to be implemented as part of the management system. These controls are organised into domains focusing on areas such as: organisational issues, HR, information technology, physical security and legal issues.

“Digital crime is on the increase”

“Having a globally recognised certification demonstrates to clients and customers that you are serious about information security”

How much does ISO 27001 cost?

It is difficult to give a general cost for the implementation of the Information Security Management System (ISMS) as it does depend on factors such as the size of the company, the area of business in which it operates and the complexity of the required ISMS scope.

Vassallo Associates will be happy to give you a good idea of the overall costs once we have a more detailed understanding of your business and its requirements.

Contact Us now to arrange a free, no obligation consultation to discuss your information security requirements.

What are the benefits of obtaining ISO 27001 accreditation?

The first benefit to mention here is peace of mind. In today's digital age, we are all aware that online crime is on the increase. For any business, a breach of data such as client details, or the company website being forced offline, can be hugely damaging to both the business's financials and its reputation. Having an official system in place to mitigate such risks as much as possible means that the business can focus on its customers and services without having to worry unduly about data breaches.

Some of the many other benefits include:

  • Having a globally recognised certification demonstrates to clients and customers that you are serious about cyber security, in turn giving them more confidence to work with you.
  • An edge over your competitors: in an increasingly competitive marketplace, having the ISO 27001 certificate can help you to stand out.

“Achieving ISO 27001 compliance allows you to differentiate yourself from your competitors and win new business” 

What are the specific services that Vassallo Associates can offer to an organisation wanting to start working towards obtaining ISO 27001 compliance?

We can help with the full management system preparation and implementation to ensure that you are able to pass the certification with flying colours. We can advise on and support you with:

  • Consultancy services for the implementation of ISO 27001.
  • Internal and External Audit Support.
  • Managing the costs of implementing the standard.
  • Assistance with the domains and controls required for implementation.
  • Advice on the differences between certification bodies and how to choose a certification body suitable for your requirements.

For more details on the Information Security Management System, please visit the specific standard page on the ISO Website.

Your contacts for ISO 27001 information:

Dan Breger
Principal Consultant
Mobile: +44 (0) 797 167 8039
dan.breger@hvassallo.com

Daisy Delaney
Senior Management Systems Consultant
Mobile: +44 (0) 730 848 0053
daisy.delaney@hvassallo.com
