Spritzmonkey
Contact Us
Image 2.jpg

ISO 27001 - The Process

Review, certification and maintenance of ISO 27001 for your business, providing the skills and knowledge required to deliver a successful programme.

ISO 27001 - The Process

Spritz ISO Page Banner July 2020.png

ISO 27001 Gap Analysis

The first step in an ISO 27001 project is usually a gap analysis.

By reviewing your current processes against the ISO 27001 standard, Spritzmonkey will be able to identify any control gaps by providing a health report of current control effectiveness and problem areas.  This is an excellent way to kick off your organisation's project to achieve ISO 27001 certification, as the gap analysis will enable you to estimate the likely effort required for implementation of the main ISO 27001 certification project.

At the end of the assignment you will typically receive a report containing:

  • Executive summary including any high-risk areas

  • Assessment of management system elements

  • Assessment of security controls against Annex A of the standard

  • Recommendations and next steps

Need help?

Please contact us to arrange a telephone or face-to-face appointment to discuss you needs.

Get in touch 

ISO 9001

We can also help with ISO 9001

ISO 27001 Certification Process

Spritzmonkey can take you through the whole process of achieving ISO 27001 certification, from the moment your business decides the standard is one they want to achieve, through to Support and Management of the resulting Information Security Management System.
 
The implementation project can be achieved as either a coaching and mentoring service to your internal resource or by outsourcing some or all of the project. By using Spritzmonkey to guide your ISO 27001 certification project you will be utilising our tried and tested methods and skills. You will also have access to our existing document templates and knowledge of what it takes to succeed in ISO 27001 certification.

Your ISO 27001 certificate will be issued by a UKAS-accredited certification body. We can work with you to obtain quotes and assist with the selection process. This independent assessment is carried out by your choice of certification body and we are happy to help you regardless of which one you choose.

We can help with all aspects of the project including:

A typical ISO 27001 implementation project.

  • Initial gap analysis

  • Project planning and management

  • Setting an appropriate scope

  • Risk assessment

  • Defining the Statement of Applicability (SoA)

  • Policy creation

  • Staff awareness training

  • Internal audits

  • Management review meetings

  • Preparation for external audit so you succeed first time

  • Full liaison with UKAS-accredited audit body

 

Next steps

 

ISO 27001 - What is it?

What is ISO 27001 and how can it help you?

Find out more

ISO 27001 - FAQs

Frequently asked questions about ISO 27001.

Find out more
 

Get In Touch

To discuss ISO 27001 or anything else please get in touch using the form below or the other contact details on our site.