Certification to ISO/IEC 27001 Information Security Management

When you achieve ISO/IEC 27001 certification you’ll be able to show customers and stakeholders your commitment to managing information safely and securely. It’s a great opportunity to celebrate your achievement, promote your business, and show that you are a trusted organization which could open up new business opportunities.

How to get certified to ISO/IEC 27001

ISO/IEC 27001 Information Security Management system certification should be hassle-free. You’ll be appointed a BSI Client Manager, a trusted expert with relevant industry experience to your business, who can guide you through the process.

Gap analysis

An optional service which takes place before your assessment visits. We’ll take a closer look at your existing information security management system and compare it with the requirements of the ISO/IEC 27001 standard. It’s a really cost effective way to check if there are any areas you need to work on before we carry out a formal assessment.

Formal assessment

A two-stage process. First your BSI Client Manager will review your organization’s readiness for assessment by checking if the necessary ISO/IEC 27001 procedures and controls have been developed in your organization. We will share the details of our findings with you via our BSI Connect Portal, so that if we find gaps, you can close them.

Next, if all the requirements are in place, we’ll assess the implementation of the procedures and controls within your organization to make sure that they are working effectively as required for certification of ISO/IEC 27001.

Certification and beyond

When you achieve certification you’ll receive your BSI ISO/IEC 27001 certificate which is valid for three years. Your BSI Client Manager will visit you regularly to make sure your system doesn’t just remain compliant, but it continually improves and adds value to your organization.

BSI Connect Portal