ISO/IEC 27001 - Information Security Management Systems (ISMS)
All companies depend on information in one form or another to operate their business processes. Much of this information is now stored and processed electronically and is exchanged with business partners over computer networks, many of which are public. Security of information may be at risk from a number of areas. Should the company's system not be secure, the consequences of data corruption may be catastrophic.
With the rapid expansion in electronic commerce, especially in international trade, there is a corresponding interest in the ability of companies to demonstrate control of the security of their information systems. Extensive guidance on organizational aspects of risk assessment and control is given in the Code of Practice for Information Security Management ISO/IEC 27001. It supports the Specification for Information Security Management Systems, ISO 27001, which, in turn, provides the basis for independent assessment of an organization's ISMS by United Registrar of Systems.
For more information regarding this standard and Code of Practice, please contact your local United Registrar of Systems office.
Certification process for ISO 27001
Once your ISMS is fully documented and has been operating for at least 3 months, you may proceed with registration. The eight steps to certification are outlined below along with the costs:
Steps To ISO 27001 Certification
Step 1
Complete the Enquiry / Application Form (please click on the link to go to the form), then submit the form to your local office.
Step 2
Once we have received your Enquiry / Application form we shall send you a Core Questionnaire for completion.
Step 3
On receipt of the completed questionnaire, a formal quotation will be sent to you.
Step 4
If you find our quotation is acceptable, please sign it and return it to your local office.
Step 5
We will arrange and conduct an on-site document and readiness review. We will leave you a copy of our report, including any findings, and, if the review is satisfactory, arrange a mutually convenient date for the on-site audit.
Step 6
We conduct an on-site audit once it is agreed that you are ready to move forward. We produce a report on the findings plus recommendations. Unsuccessful audits may require a re-audit.
Step 7
The Certificate of Registration is issued once all points from the on-site audit, if any, have been addressed.
Step 8
Surveillance visits are performed at least once a year but may be more frequent, depending on the size of your company.
Notes: An informal (but chargeable) pre-audit visit may be requested to determine readiness for formal assessment.
NB: Where required, national taxes will be applied, e.g. UK VAT at the applicable rate.
In some cases, local travel and accommodation expenses will be levied, e.g. USA.