ISO 27001 is a systematic approach (Plan-Do-Check- Act) for managing companies’ information security to achieve business objectives.
It is based on a risk assessment and the companies’ risk defined levels designed to effectively treat and manage risks.
ISO 27001 information security management system can help your company to better manage your information assets and implement controls to help protect your companies’ information assets from an information security breach.
No hidden cost. Completion within budget and timeframe.
Straight forward & Simple ISO documentation. Minimum workload is required.
Precise briefings / trainings to client for quick glance
Arranging meeting schedule up to Client request
We need to know your industry, number of staff, number of locations and scope of certification
Conduct a Gap Analysis and interview with different Dept Rep.
Provide awareness training and advisory visit
Provide a consultant to attend the whole audit
UKAS means the United Kingdom Accreditation Service. UKAS is the UK’s National Accreditation Body, responsible for determining, in the public interest, the technical competence and integrity of organisations such as those offering testing, calibration and certification services
ISO 27001 certification without UKAS accreditation may mean that your organisation have a risk to lose large contracts and business opportunities due to unrecognised ISO certification.
The Fees depend on company size, number of locations, business nature and operation complexity.
For Company (Staff < 20), it take 4 months on average.
For Company (Staff ~50), it take 6 months on average.
For Company (Staff ~100), it take 7-9 months on average.
You may take below steps :
1) ISO 27001 Gap Analysis.
2) Establishment of ISO 27001 Documentation.
3) Attend ISO 27001 Training.
4) Implementation of ISO 27001 System.
5) Arrange an Internal Audit
6) External ISO 27001 Audit by Certification Body
There are two major Fees.
1) ISO 27001 Certification Fee charged by Accredited Certification Body such as SGS, Lloyd’s Register,BV, BSI, British Assessment, NQA…
2) Consultant Fee charged by us.
The Fees depend on company size, number of locations, business nature and operation complexity
Yes. You can take a series of training courses, draft the documentation…. liaise with Certification Body if you have sufficient time and master the ISO 27001 requirements
No. Because of conflict of interest. Certification Body can provide ISO 27001 Standard generic training only but cannot tell you how to implement ISO 45001 System in your company.
Absolutely Yes. In general, ISO Consultant will draft documentation, guide your company to implement ISO 27001 system until passing in ISO 27001 Certification Audit.
In general, the company can put the ISO 27001 logo in the website, name card and letterhead after receipt of corresponding ISO 27001 Certificate
Copyright © 2019 Gabriel Consultant International Limited