
ISO 27001
What is ISO 27001?
ISO 27001 is an international standard on how to manage information security. ISO 27001 provides a framework of standards for how businesses should manage their information and data.
The ISO 27001 framework helps organisations “establish, implement, operate, monitor, review, maintain and continually improve an ISMS”.
The standard addresses risk management and has 10 management system clauses. These are accompanied by 114 information security controls.
What are the benefits of ISO 27001?
ISO 27001 is internationally recognised and can help you comply with laws, such as the GDPR, or industry standards.
Further benefits include:
- Protect your reputation
- Gain a competitive advantage
- Improve company culture
- Improve your ability to repel cyber attacks
- Increase your ability to recover operations effectively
- Secure your employees' and customers' data
Our Services
Our experts can help you achieve the ISO 27001 certification or align your business' security posture with this internationally recognised framework.
Full Support
Our ISO 27001 Lead Implementer will take you from start to finish on your journey to achieve the ISO 27001 certification.
We will establish an Information Security Management System and ensure a security culture is embedded within your business.
An External Penetration Test Includes:
- Pre-engagement meeting
- 5-day investigation
- Full Report – with discoveries and remediation
- Post-engagement meeting
Partial Support
Our experts can aid you with the development and maintenance of your Information Security Management System (ISMS) environment.
This option is helpful when you have failed an audit, are seeking re-certification or someone has inherited control of the ISMS.
An External Penetration Test Includes:
- Pre-engagement meeting
- 5-day investigation
- Full Report – with discoveries and remediation
- Post-engagement meeting
Internal Penetration Testing
An internal penetration test centres around what an attacker could do once they are inside your network.
We place our PenTest Dropbox inside your network and emulate the tactics, techniques and procedures of known adversaries, based on real-world observations.
We attempt to uncover misconfigurations and security flaws inside the internal network.
An Internal Penetration Test includes:
- Pre-engagement meeting
- Investigation inside your company’s network
- Full Report – with discoveries and remediation
- Post-engagement meeting