Certification to ISO/IEC 27001 Information Security Management

Looking for information security certifications? Look no further. Keep your information confidential with a certified ISO/IEC 27001 system and show that you have information security risks under control. Compliance with world-class standards can help you win customer trust and new business opportunities.  

How to get certified to ISO/IEC 27001

We make the certification process straightforward. After we have received your application we appoint a client manager who will guide you and your business through the following steps.

  1. Gap analysis
    This is an optional pre-assessment service where we take a closer look at your existing information security management system and compare it with ISO/IEC 27001 requirements.  This helps identify areas that need more work before we carry out a formal assessment, saving you time and money.

  2. Formal assessment
    This happens in two stages. First we review your organization’s preparedness for assessment by checking if the necessary ISO/IEC 27001 procedures and controls have been developed. We will share the details of our findings with you so that if we find gaps, you can close them. If all the requirements are in place, we will then assess the implementation of the procedures and controls within your organization to make sure that they are working effectively as required for certification. 

  3. Certification and beyond
    When you have passed the formal assessment you will receive an ISO/IEC 27001 certificate, which is valid for three years. Your client manager will stay in touch during this time, paying you regular visits to make sure your system doesn’t just remain compliant, but that it continually improves. 

Secure Digital Transaction Kitemark

If you offer digital transaction services and applications you can build on your ISO/IEC 27001 certification with our Secure Digital Transactions Kitemark. The BSI Kitemark adds trust to the quality of your services by rigorously and independently testing websites or apps to make sure they have the security controls in place for the financial and/or personal information they are handling.  This new Kitemark can be part of a new certification application or added to an existing system, as long as the system takes appropriate action based on the testing results.  

Train with us and certify to ISO/IEC 27001

We use accelerated learning techniques to make sure you fully understand the ISO/IEC 27001 standard. And we put your learning into context with a blend of classroom teaching, workshops and interactive sessions.