ISO 27001 Certification
FRSecure performs a full array of information security assessments and audits including FISMA, ISO Certification, NERC/FERC, FDA, SEC, FINRA, SOX, and more. If you’re looking for an assessment, we’ve likely done it before, and are happy to discuss your needs with you. Call us today.
What is ISO 27001 Certification?
ISO/IEC 27001 Certification is a formal audit against the ISO security standard.
There are two audits that take place during ISO/IEC 27001 certification:
- Stage 1 “Document review” – The focus for the Stage 1 audit is documentation. It seeks to determine if the organization has all of the documentation as required by the ISO/IEC 27001 International Standard.
- Stage 2 “Main audit” – The focus for the Stage 2 audit is to determine if the organization is doing everything that they should be doing according to the ISO/IEC 27001 International Standard and documentation reviewed in Stage 1.
Why would I want one?
At this point, you probably don’t want one. Most organizations are not prepared for this audit. If you are ready for it, then this audit has compelling marketing opportunities. Over the course of the next 10 years we expect ISO 27001 certification to increase, so there is currently a window of opportunity to use this certification as a market differentiator.
If you’re not ready for this audit, then we would encourage you to explore an ISO 27002 security assessment, which would begin the process of aligning your security program with the ISO standard. This begins to prepare you for ISO certification in a cost-effective manner.
What is the process for completing the audit?
The first phase of ISO 27001 certification is comprised of the following:
- Phase 1 – ISO/IEC 27001 ISMS Gap Analysis
- Phase 2 – SoA Assessment
- Phase 3 – Security Controls Gap Analysis
What are the deliverables I should expect?
Deliverables for the first phase of an ISO/IEC 27002 certification gap assessment are:
- ISMS Gap Analysis Report
- SoA Assessment Report
- Security Controls Gap Analysis Report
What does ISO 27001 Certification cost?
There are multiple components to an ISO 27001 certification audit. Because of this, FRSecure strives to determine the best possible approach for our clients to ensure successful completion of the audit in a cost-effective way. All you need to do is spend a few minutes on the phone with our team to make sure we are delivering exactly what you need and want.