Maintaining your ISO/IEC 27001 Information Security Management System

Information security management does not stop at certification. ISO/IEC 27001 can grow and evolve with your business, making sure your information stays secure no matter how much it changes and as new security threats emerge.

You can do more than keep up with expectations and regulations when you work with us – you can continually improve your ISO/IEC 27001 management system to stay ahead. 


Make the most of your certification

As a BSI client you can access a number of resources designed to help you get the most out of your certification. You’ll get regular updates on the latest developments in standards and management systems as well as our training courses and events. The support you receive from your client manager will continue alongside business reviews to help your organization maintain its competitive edge and to continually improve.


Use the BSI Certification Mark

Our clients can use the BSI Certification Mark to demonstrate certification and best practice. You will also be listed in our global client directory, joining more than 80,000 certified clients who have already benefited from using the BSI Certification Mark.  


Integrate to keep getting better

Get more out of your ISO/IEC 27001 system by integrating it with other management systems you have in place. This allows you to combine and streamline the way you manage the processes that apply to more than one system. Try using PAS 99 as a framework to identify and integrate common management system requirements for better performance.


Transfer your certification to BSI

Get global recognition with the BSI Certification Mark and discover how our experience and reputation deliver real value to your business. We focus on continual improvement, as well as maintaining your system – showing you how to grow and develop your business. Plus, transferring from another certification body is easy.


How to get certified to ISO/IEC 20000-1

  1. ISO/IEC 20000-1 Service Management system certification should be hassle-free. You’ll be appointed a BSI Client Manager, a trusted expert with industry experience relevant to your business, who can guide you through the process.

    The steps to ISO/IEC 20000-1 certification:

    1. ISO/IEC 20000-1 gap analysis

    An optional service which takes place before your assessment visits. We’ll take a closer look at your existing information security management system and compare it with the requirements of the ISO/IEC 20000-1 standard. It’s a really cost-effective way to check if there are any areas you need to work on before we carry out a formal assessment.

    2. Formal assessment

    A two-stage process. First your BSI Client Manager will review your organization’s readiness for assessment by checking if the necessary ISO/IEC 20000-1 procedures and controls have been developed in your organization. We will share the details of our findings with you so that if we find gaps, you can close them. Next, if all the requirements are in place, we’ll assess the implementation of the procedures and controls within your organization to make sure that they are working effectively as required for certification of ISO/IEC 20000-1. 

    3. Certification and beyond

    When you achieve certification you’ll receive your BSI ISO/IEC 20000-1 certificate, which is valid for three years. Your BSI Client Manager will visit you regularly to make sure your system doesn’t just remain compliant, but continually improves and adds value to your organization.