ISO 27001 Consultants

ISO 27001 is the internationally recognised standard
for Information Security Management.

Our ISO 27001 Consultants can support you through
the implementation & certification process.

Get Started with ISO 27001! Contact Us

Buy the Standard

Gap Analysis

Implement

Internal Audits

ISO Certification

For ISO 27001, We’re Trusted by:

ORCHA achieves ISO 9001 & ISO 27001 Certification

edays Achieve and Maintain ISO 27001 Certification

Join them. Contact Us.

Key Themes of
Information Security Management

Risk Assessment & Risk Treatment

The ISO 27001 standard takes a risk management approach to information security and therefore requires the organisation to define a risk assessment methodology.

Generally we would help you align this to ISO 31000, the standard for risk management.

After assessing the threats to information assets, the 2022 edition of the standard provides 93 possible controls to apply, within Annex A.

Four Control Categories

ISO 27001:2022 organises controls in to four core areas:

Organisational Controls
People Controls
Physical Controls
Technological Controls

Our ISO 27001 consultants are there to help you implement all the applicable controls to suit your organisation.

ISO 27002:2022 & Attributes

Annex A of the standard is derived from ISO 27002. Although compliance with this standard is not mandatory, our consultants have full knowledge of the additional guidance to ensure they can give you the most comprehensive advice and best practices.

In addition, ISO 27002 provides themes and attributes against each control, which enables better management.

Asset Management & Human Resources

Some of the controls in Annex A refer to the acceptable use of assets, classification of information and human resource processes such as screening and disciplinary policies.

We can help you define your organisation’s approach to these controls based on your existing arrangements.

Supplier Relationships

Another section of Annex A focuses on the organisation’s relationships with its suppliers, in particular those who have access to the organisation’s information.

We will help consider the risks associated with your suppliers and ensure suitable policies and procedures are in place to manage those risks.

Legal Compliance

ISO 27001 also requires consideration of legal and other requirements placed on the organisation, and this is becoming more relevant as Data Protection Laws are evolving across Europe, America and the world.

Our legal compliance audit can help you identify the legislation that’s applicable to your organisation, and measure how effectively you are meeting those obligations.

Network & Operational Controls

The organisation’s operational controls, in relation to information security, are also considered which includes Information Backup, Protection from Malware, User Logging & Monitoring.

In addition network controls including security of network services, segregation and information transfer are also considered.

Information Security Objectives & Continual Improvement

As with all management system standards, ISO 27001 looks for continual improvement of the system by setting measurable, achievable objectives which can be driven from the vulnerabilities identified in the risk assessment or more general business strategy.

External ISO 27001 Certification

Having your Information Security Management System certified by an external UKAS accredited assessment body publicly demonstrates your commitment to protecting your customers’ data and can give you a significant advantage when tendering for contracts.

We can help you choose a certification body and guide you through the process.
Find out more About the ISO 27001 Certification Process.

ISO 27001 Consultants – How we can help

Assent Risk Management has ISO 27001 consultants who can help you implement an Information Security Management System and achieve certification.

Support
We will work with you to build a Management System that fits with your organisation, building on the good work you are already doing, and support improvements.

It’s Not All Paper Work

We are experienced in implementing Information Security Management Systems and can keep the paperwork to a minimum, ensuring you get maximum benefit from the ISO 27001 standard.

ISO 27001 Training

Access ISO 27001 Training from our learning & development company Lorators.

Start Learning ISO 27001

Add-Ons for ISO 27001

You might also consider these standards in relation to ISO 27001:

ISO 27701

Privacy Information Management

Learn More

ISO 27017

Cloud Security Controls

Learn More

ISO 27018

Protection of PII in Public Clouds

Learn More

ISO 22301

Business Continuity Management

Learn More

SOC 2

Trust Services Criteria

Learn More

ISO 20000

I.T Service Desk Management

Learn More

ISO 31000

Risk Management Principles

Learn More

ISO 27001 Auditors

Get an impartial ISO 27001 audit.

ISO 27001 Auditors

Cookie	Duration	Description
cookielawinfo-checkbox-advertisement	1 year	Set by the GDPR Cookie Consent plugin, this cookie is used to record the user consent for the cookies in the "Advertisement" category .
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Cookie	Duration	Description
CONSENT	16 years 3 months 23 days 8 hours	These cookies are set via embedded youtube-videos. They register anonymous statistical data on for example how many times the video is displayed and what settings are used for playback.No sensitive data is collected unless you log in to your google account, in that case your choices are linked with your account, for example if you click “like” on a video.
_ga	2 years	The _ga cookie, installed by Google Analytics, calculates visitor, session and campaign data and also keeps track of site usage for the site's analytics report. The cookie stores information anonymously and assigns a randomly generated number to recognize unique visitors.
_gid	1 day	Installed by Google Analytics, _gid cookie stores information on how visitors use a website, while also creating an analytics report of the website's performance. Some of the data that are collected include the number of visitors, their source, and the pages they visit anonymously.

Cookie	Duration	Description
IDE	1 year 24 days	Google DoubleClick IDE cookies are used to store information about how the user uses the website to present them with relevant ads and according to the user profile.
test_cookie	15 minutes	The test_cookie is set by doubleclick.net and is used to determine if the user's browser supports cookies.
VISITOR_INFO1_LIVE	5 months 27 days	A cookie set by YouTube to measure bandwidth that determines whether the user gets the new or old player interface.
YSC	session	YSC cookie is set by Youtube and is used to track the views of embedded videos on Youtube pages.
yt-remote-connected-devices	never	These cookies are set via embedded youtube-videos.
yt-remote-device-id	never	These cookies are set via embedded youtube-videos.

Cookie	Duration	Description
awpv3911	2 days	Description is currently not available.
AWSESS	session	Cookie used by the Awin platform in relation to affiliate links used on this website.
cf_clearance	1 year	Description is currently not available.

ISO 27001 Consultants

Buy the Standard

Gap Analysis

Implement

Internal Audits

ISO Certification

For ISO 27001, We’re Trusted by:

Key Themes of Information Security Management

Risk Assessment & Risk Treatment

Four Control Categories

ISO 27002:2022 & Attributes

Asset Management & Human Resources

Supplier Relationships

Legal Compliance

Network & Operational Controls

Information Security Objectives & Continual Improvement

External ISO 27001 Certification

ISO 27001 Consultants – How we can help

It’s Not All Paper Work

ISO 27001 Training

Add-Ons for ISO 27001

ISO 27701

ISO 27017

ISO 27018

ISO 22301

SOC 2

ISO 20000

ISO 31000

ISO 27001 Auditors

Key Themes of
Information Security Management