Practical, Cost Effective and award-winning

Business Continuity, Crisis Management & Information Security Solutions


0800 035 1231 (Mon to Fri 9am – 5pm)

Suite 3, The Cotton Mill, Torr Vale Mills, New Mills, Derbyshire, SK22 4HS, UK

Gap Analysis & preparation for ISO 27001 certification

For many organisations, certification to ISO 27001 can be a nerve-racking experience, with concerns about the audit process, what will and could happen, and the need to gain successful certification for commercial or personal reasons.  The process is straightforward, and we can assist with any or all the steps to a successful accreditation to ISO 27001.


This schematic shows how the certification process works, with the red titles showing the certification body input.  The gap between a Stage 1 and Stage 2 audit will normally be between 2 and 6 months, which allows plenty of time to ensure that all the controls have been implemented and effectively audited; to check that your management understand and apply their leadership and commitment; and to ensure that all staff have the relevant awareness and competency.

Cambridge Risk Solutions can help give you the confidence that you are prepared for the certification process.  Our gap analysis is thorough and, unlike a certification body, we can give consultancy, support and advice to ensure that you are prepared for the audit.  Working with you, we will ensure that you have the skills and understanding to be able to take ownership of your management system.

Get In Touch

We are always happy to answer any questions you may have, please either contact us by telephone, or by filling in the form below.

Please ensure that you do not divulge any sensitive data as this webpage is not secure.

Cambridge Risk Solutions offered us a first class service that you might expect from a much larger organisation. They combined this knowledge and professional approach with a real personal touch that made the process of developing our plan actually enjoyable.

more testimonials

  • Business Continuity Planning

    Effective planning that takes into account risk evaluation and business impact analysis, supported by clear and concise crisis management. We work with you to develop user-friendly plans.

  • Business Impact Analysis

    The Business Impact Analysis (BIA) is one of the most important, and least well understood, stages of the Business Continuity Management Lifecycle; we can assist with your BIA.

  • Training and Exercising

    No Business Continuity Management programme is effective without a significant element of training. Moreover, ongoing Crisis Management training and exercising is key. We can provide objective training and exercising.

  • Risk Evaluation and Control

    Risk evaluation and treatment provide a process to identify, prioritise and managing your risks. Cambridge Risk Solutions can assist with risk management for business operational and information security risks.

  • Statement of Applicability

    Which controls do you need to have in place? How do you link your risk assessment process into your SoA? How do you ensure that you have effective controls in place? We can assist with your SoA.

  • Integrated Management Systems

    Management Systems assist with your on-going management, maintenance and continual improvement. We work with you to develop a fully integrated management system, enabling certification to ISO 22301 and ISO 27001.