ISO 27001 certification - protect your most valuable asset; your information

Read our latest news

WHAT WE DO

The consequences of poor information security management can be serious and costly. Companies that handle information need to demonstrate that they have a proven Information Security Management system to address and mitigate risks.  ISM Solutions can help you to become ISO 27001 certified to help protect information assets and keep them secure.

GAP ANALYSIS

The Gap Analysis is our introduction to ISO 270001. We analyse your business against the core clauses to understand the gap you need to bridge to become certified to the standard.

SYSTEM REVIEW

We review your existing Information Security Management System (ISMS), or if you don’t have one, your working practices against the ISO 27001 controls. We can then identify the areas that require prioritisation and help you create the best system for your business.

RISK MANAGEMENT

We review your existing risk assessment methodology or help you implement a robust and repeatable process for identifying and analysing information security risks.

THIRD PARTY MANAGEMENT

We help you assess and apply your stringent information security practices to your partners, suppliers and other third parties to ensure they adhere to your processes and procedures.

policies and procedures

We review or help to create the documentation you need to support your information security processes and procedures in line with the standard.

INTERNAL AUDIT

We will audit all areas of your business against the standard and document the outcomes to enable you to review your working system ready for certification, and make any required enhancements or improvements before assessment day.

CERTIFICATION SUPPORT

We accompany you on assessment day and assist with the process, answering questions when required and providing hands-on support.

POST CERTIFICATION

We provide ongoing support post certification such as regular audit reviews, training and hands on, on site or phone support as required.

Our marketing agency experience means we understand your unique challenges. Your client and supplier relationships are highly sophisticated, but that doesn’t mean your ISO 27001 implementation needs to be complicated.

Your data is hosted in dual locations, you have hundreds of third party data suppliers and sub-contractors, your clients send you data in weird and wonderful ways – sound familiar?

ISM Solutions are used to these types of challenges. We admit that managing them within the ISO 270001 framework isn’t always straightforward. But our agency experience means we can help you implement the right systems quickly and effectively; what’s more you won’t need to spend time explaining how your agency, client and data supplier relationships work.

'It’s important to create a system that supports your business. Quick fixes and standard templates that promise certification in record time often fail to deliver. And it’s much more costly to try and adapt your business practices to fit a template, than to create bespoke solutions that reflect how your business actually works! Let’s face it, one size rarely fits all'. Amanda Ling, ISM Solutions

The benefits

Protect your business and inspire trust

So let's talk benefits. If it's your job to convince the Board to invest in Information Security you will need to be ready to answer that golden question - what are the benefits? There are of course many benefits of becoming certified, here are the four that make the top of our list...

  • It's impossibe to put a value on the benefits of preventing security incidents that haven't yet happened, however it is clear that the costs of correcting them are likely to be significant and the effects far reaching.

  • The efficiencies gained by implementing the standard is one of the top benefits cited by our clients. Immediate value achieved through time saved responding to information security requests and managing third-party security requirements are often top of the list.

  • The ability to differentiate your company from your competitors is key. Being certified can often be a minimum requirement for inclusion on a pitch list, it can therefore help you win new business.

  • You only have to read a newspaper or watch the news to witness the damage that high profile data breaches attract. Security measures are essential to protect your brand and inspire consumer trust.

OUR CERTIFICATION SPECIALISTS

AMANDA LING

CERTIFICATION STRATEGY DIRECTOR
Amanda’s marketing agency experience coupled with her information security knowledge makes her the perfect partner for any agency looking to become certified.

GRAHAM HENSTRIDGE MBCS

CYBERSECURITY DIRECTOR
Graham has over 25 years experience in IT and Information Security and he’s a certified ISO27001 Lead Implementor. It’s safe to say that there’s simply nothing Graham doesn’t know about keeping your data secure.

OUR LATEST NEWS