ISO 27001 Certification FAQ: What’s involved?

29 Sep, 2016

What is ISO 27001 certification and how can the system help my business?

Information is an asset which, like other important business assets, needs to be suitably protected. The ISO 27001 Information Security Management System is a systematic and pro-active approach to managing security risks which arise within an organisation.

The system helps businesses to identify and manage vulnerabilities, promotes efficient management of sensitive corporate information and highlights risks to ensure it is adequately protected against potential threats. The standard encompasses not just IT systems but places people and process at the heart of the system.

An ISO 27001 certification can be achieved by any business of any size, in any given sector, which is looking to protect sensitive data and enhance its security processes.

This standard will help your company coordinate all your security efforts both electronically and physically, cost effectively and with consistency to prove to existing clients and potential customers that you take the security of their personal/business information seriously.

  • What does ISO 27001 certification involve?

The certification process can vary between different certification providers. As part of our process we start by carrying out an initial assessment, which allows us to identify any areas of noncompliance and suggest any recommendations.

We then produce a manual with the compulsory security procedures, tailored to and in line with your current business processes. Once all of the requirements are met, we present you with the manual and your certificate.

As part of the standard you will need to identify the scope of your business, create an information security policy, produce an asset register and a risk assessment and examine your security controls, which could be policies such as access rights and working from home.

Once all set up and certificated, you will be audited on a yearly basis to ensure you are in line with the standard and still delivering to your policies. At ISO Quality Services Ltd, we also offer a 6-month internal review in which a consultant will visit you and review your system, providing help and support to make sure your system is where it needs to be to achieve re-certification.

  • How quick is the ISO 27001 certification process?

With ISO Quality Services Ltd you can achieve certification the ISO 27001 within 6-8 weeks.

  • How long does the ISO 27001 certification last for?

The certification is reviewed and renewed on an annual basis.

  • What is the cost for ISO 27001 certification?

The costs for ISO 27001 depend on the size of your business and the number of your employees. If you would like to find out specific costs to implement ISO 27001 in your business, please request a quote on our website or get in contact with us to arrange an appointment at your offices.


Worcester-based, ISO Quality Services Ltd is proud to specialise in the implementation and certification of the internationally recognised ISO and BS EN Management Standards.

Do you want to protect the data within your business? Are you seeking training to understand the ISO 27001 further? Contact ISO Quality Services Ltd today on 01905 670303 or email info@isoqsltd.com.


The National Cyber Skills Centre and ISO Quality Services Limited are collaborating on a 12 week series of articles, made available free their respective websites, to raise awareness for SMEs on how the adoption and adherence to a recognised industry or international standard provides the levels of information security and governance expected in todays business world.

ISO Quality Services Ltd are proud to specialise in the implementation and certification of the Internationally recognised ISO and BS EN Management Standards.

Do you want to get ahead of your competition? Win more tenders or save time and money on reoccurring issues? Contact us today on 0330 058 5551 or email info@isoqsltd.com.

Alternatively, you can request a quote by filling out our enquiry form and a member of our team will be in touch shortly.

Related Posts

Reduce, Reuse, Recycle

ISO 14001 Is Just About Recycling… Isn’t It?

19 Sep, 2023

The days of checking bins have gone! Find out how ISO 14001 has changed with the times.

Puzzle piece being put in place in to the center of a circle.

10 Benefits of Implementing Multiple ISO Standards

30 Aug, 2023

In the dynamic landscape of modern business, organisations are constantly seeking ways to enhance operational efficiency, quality, and management practices. A powerful strategy that has gained traction is the implementation of multiple ISO standards.

Multicoloured question marks in a pile with one large green question mark on top

What is the Annex SL Structure?

30 Aug, 2023

Implementing multiple ISO standards may seem daunting, but the Annex SL framework simplifies this process significantly. So, what is the Annex SL Structure, and what benefits does it bring organisations who want to implement multiple standards?

What are the business benefits of implementing ISO 9001?

10 Aug, 2023

For any business to survive, continual improvement is vital.  However, we all know that improvements can be costly.  Deciding on the right way to spend any budget you do have can be difficult including new equipment, extra staff or training existing staff to name but a few.  In this article, we look at why ISO 9001 can be a big boost to any business and why we believe it is the best way to ensure continual improvement for your business.