ISO 27001 Services
Data Insights
ISO 27001 Services
We are very experienced and highly skilled in providing a range of services for ISO 27001.
The services that we provide enable our customers to easily understand the requirements of the international standard and apply them within their organisation.
We typically start from scratch with our customers, reviewing how they operate, what baseline policies and procedures are in place, and how this would ideally align to the requirements of ISO 27001. This initial piece of work is necessary to establish the gap between current operational practices and those required prior to formal certification.
Once the scope has been established, we then work with our customers over a period of months to build the necessary controls and implement them within their organisation. This is then followed by a pre-certification audit to ensure that our customer is ready for formal certification.
In addition, we also provide an internal auditing service to review how our customers are adhering to the standard. This directly supports their on-going surveillance auditing procedures as well as ensuring that our customers are keeping their controls on track.
We can also provide a specific external audit, where we review and assess a customer’s current status, documenting any non-conformities and observations as required.
Note – all of our resources are experienced and accredited in ISO 27001 including Lead Implementor and Lead Auditor qualifications.
Review our different services and assess how they could meet your requirements.
External Audit
| We provide a one-off external audit of your adherence to the standard. |
| Usually takes between one and two days to complete. |
Internal Audit
| Internal auditing to maintain your adherence to the standard. |
| Audits every six to twelve months, normally a day on site. |
POPULAR
ISO 27001 Project
| Full ISO 27001 implementation service to achieve the certification. |
| Full implementation project over a six month period. |
Need more information? Contact Us.
Becoming ISO 27001 certified need not be difficult, cost a great deal or take years to complete.
Data Privacy Services are experienced in implementing ISO 27001 for our customers. We are highly skilled in pragmatically applying the standard to a range of types of organisations and managing their compliance journey to the point of certification.
The first step is to understand the effort and scope of work to achieve the standard.
Most organisations already have some controls in place to manage the security of their information.
However, prior to starting an ISO 27001 project, it is important to review and understand the current status and how this relates to the requirements of the standard.
We complete an initial review, document the key areas of compliance and address how to fill the gaps in what’s required to become certified. This enables us to not only provide an accurate quotation for the implementation but also allows our customers to ascertain the scope and size of the task ahead.
We need to establish the building blocks of compliance.
ISO 27001 requires a complete review of all information assets that the organisation uses in its operational activities.
The standard also requires an in-depth risk assessment of how those assets are secured. This risk assessment is vital in determining how to establish the necessary controls needed to ensure the safety of information.
These key activities feed directly into the establishment of a Statement of Applicability (SoA) document that outlines how the organisation will implement the necessary controls to adhere to the standard.
Build your information security management system (ISMS).
Data Privacy Services possess the necessary ISO 27001 templates needed to fast-track the implementation of the documentation needed for the Information Security Management System (ISMS).
Typically, it can take months to put this documentation into place and implement the controls stated within them. Our templates allow our customers to speed up the process, using our experience to tailor them specifically for the organisation.
We then advise our customers about how to effectively manage the implementation of the ISMS within their operational day to day activities.
We directly support customers to prepare for their ISO 27001 certification.
Most organisations will take approximately 6 months from their initial review to the point where they can become certified. This can vary depending upon the size and complexity of their Information Security Management System (ISMS).
After we have worked with our customers to prepare the ISMS and monitor its ongoing adoption, we then prepare them for their certification. The key stage is to complete a pre-certification audit, reviewing their controls and ensuring that any final issues are addressed prior to booking their certification.
We can also be on hand to work with the external certification service provider and answer any queries they may have during the certification process.
Contact us for free advice and guidance on the best approach to obtaining ISO 27001 certification.
“GDPR? You made it so simple. The data protection compliance framework, which is provided, and your constant communication made the work easier and much faster than anticipated. I just worked through the framework, section by section, made the necessary changes and implemented what was required. Thanks, DPS!”
“After making enquires with several companies in regard to GDPR, we found DPS to be not only the most cost-effective solution but also very genuine, helpful and knowledgeable on the subject. I would recommend his services if you are in any doubt of the processes to be GDPR compliant.”
“We found DPS to be most helpful with GDPR readiness and working towards compliance, DPS were particularly pro-active in their ability to pinpoint the areas that we needed to work on as a priority. The advice was clear and easy to follow and their response swift if we had any queries relating to GDPR.”
“DMPC has proved to be an efficient and knowledgeable resource that has certainly helped us to achieve an understanding of GDPR and prepare us to be compliant. The whole process has been simplified; the initial GDPR readiness assessment is comprehensive identifying weakness and strengths in our preparedness to meet the relevant Articles from the Regulations with clear guidance of what to do to meet the requirements. George has been our contact he is extremely patient and will explain things more than once if required! He responds quickly to queries and the templates provided have proved an invaluable resource. ”
Data Privacy Services are highly skilled and greatly experienced in implementing ISO 27001.
The core benefits of engaging Data Privacy Services are as follows:
- We have years of experience in information systems and data security
- Our team are highly skilled in both auditing and implementation
- We have a range of useful templates that fast-track implementation, saving significant time, effort and subsequent costs
- We are able to provide a flexible monthly payment (e.g. your project fee split across up to eight monthly payments)
Pragmatism is vital for a successful implementation.
Our team of professional implementors are able to complete a gap analysis and provide you with an accurate proposal.
Our approach is to review the gaps in your current practices and documentation with the requirements of the ISO 27001 standard.
This typically takes a day and a half to complete and once we have this information we will be able to provide you with a detailed and accurate proposal.
Depending on the likely complexity, an implementation will take about six months and can be achieved for between £5,000 to £10,000. We operate flexible payment terms, with the total fee being split across 8 monthly payments.
Data Privacy Services provide many training courses for ISO 27001. These include basic, entry level foundation courses all the way through to lead implementor qualifications.
Need more information? Contact Us.
Need help with ISO 27001? The team at Data Privacy Services can help today.