ISO/IEC 27001 Certification Process

Certification to ISO/IEC 27001 Information Security Management

Keep your information confidential with a certified ISO/IEC 27001 system and show that you have information security risks under control. Compliance with world-class standards can help you win customer trust and new business opportunities.

How to get certified to ISO/IEC 27001

ISO/IEC 27001 Information Security Management system certification should be hassle-free. You’ll be appointed a BSI Client Manager, a trusted expert with relevant industry experience to your business, who can guide you through the process.

The steps to ISO/IEC 27001 certification:

ISO/IEC 27001 gap analysis
An optional service which takes place before your assessment visits. We’ll take a closer look at your existing information security management system and compare it with the requirements of the ISO/IEC 27001 standard. It’s a really cost effective way to check if there are any areas you need to work on before we carry out a formal assessment.
Formal assessment
A two-stage process. First your BSI Client Manager will review your organization’s readiness for assessment by checking if the necessary ISO/IEC 27001 procedures and controls have been developed in your organization.We will share the details of our findings with you via our Assurance Portal, so that if we find gaps, you can close them.

Next, if all the requirements are in place, we’ll assess the implementation of the procedures and controls within your organization to make sure that they are working effectively as required for certification of ISO/IEC 27001.
Certification and beyond
When you achieve certification you’ll receive your BSI ISO/IEC 27001 certificate which is valid for three years. Your BSI Client Manager will visit you regularly to make sure your system doesn’t just remain compliant, but it continually improves and adds value to your organization.

Find out more about our certification services >

Where do I start with ISO/IEC 27001?

You need to:

Buy the standard and read it; understand the content, your requirements and how it will improve your business
Make sure that you have buy-in from your leadership team – our ISO/IEC 27001 CEO briefing can help
Learn about the requirements of ISO/IEC 27001, what your organization will need to do and share ideas and experiences with your peers at our BSI ISO/IEC 27001 Requirements training course
Contact us so we can answer your questions and help meet your organization’s needs

Certification process designed to help you at whatever stage you are at

ISO/IEC 27001

Buy ISO/IEC 27001

Get your copy of the new ISO 27001 standard today.

Buy ISO/IEC 27001 >

BSI Training Academy

Discover our ISO/IEC 27001 training courses with BSI Training Academy

View our ISO/IEC 27001 training courses >

ISO/IEC 27000 series

Find out about the range of standards developed to support with information security, including ISO/IEC 27002 – guidelines to support with ISO/IEC 27001 implementation.