ESS Advisory Practice provides a range of services designed to support organisations in meeting the certification requirements of, and maintaining ongoing compliance with, the internationally recognised ISO 27001 information security management standard. ISO 27001 is designed to provide independent assurance that an organisation’s security regime is aligned to best practice. Certification to the standard is undertaken by accredited certification bodies, based upon an assessment of security documentation and verification of security controls. ESS can help organisations confirm the rationale for adopting the ISO 27001 model and integrate their existing security regime and documentation into the approach. Once adopted, ESS Advisory can help to raise awareness, deliver training and encourage skills transfer to ensure ongoing best practice and compliance. ISO 27001 services include:

  • Gap Analysis – identifying the scale of work required to achieve compliance or certification
  • ISO 27001 strategy development and its application to a cloud-based service model
  • Risk Assessment and Management in accordance with ISO 27005
  • Benchmarking and auditing against ISO 27001
  • Assessment of supplier compliance
  • Management of full certification projects