We typically start from scratch with our customers, reviewing how they operate, what baseline policies and procedures are in place, and how this would ideally align to the requirements of ISO 27001. This initial piece of work is necessary to establish the gap between current operational practices and those required prior to formal certification.
Once the scope has been established, we then work with our customers over a period of months to build the necessary controls and implement them within their organisation. This is then followed by a pre-certification audit to ensure that our customer is ready for formal certification.
In addition, we also provide an internal auditing service to review how our customers are adhering to the standard. This directly supports their on-going surveillance auditing procedures as well as ensuring that our customers are keeping their controls on track.
We can also provide a specific external audit, where we review and assess a customer’s current status, documenting any non-conformities and observations as required.
Note – all of our resources are experienced and accredited in ISO 27001 including Lead Implementor and Lead Auditor qualifications.
Data Privacy Services are experienced in implementing ISO 27001 for our customers.
We are highly skilled in pragmatically applying the standard to a range of types of organisations and managing their compliance journey to the point of certification.
The core benefits of engaging Data Privacy Services are as follows:
Pragmatism is vital for a successful implementation.