For many organisations, certification to ISO 27001 can be a nerve-racking experience, with concerns about the audit process, what will and could happen, and the need to gain successful certification for commercial or personal reasons. The process is straightforward, and we can assist with any or all the steps to a successful accreditation to ISO 27001.
This schematic shows how the certification process works, with the red titles showing the certification body input. The gap between a Stage 1 and Stage 2 audit will normally be between 2 and 6 months, which allows plenty of time to ensure that all the controls have been implemented and effectively audited; to check that your management understand and apply their leadership and commitment; and to ensure that all staff have the relevant awareness and competency.
Cambridge Risk Solutions can help give you the confidence that you are prepared for the certification process. Our gap analysis is thorough and, unlike a certification body, we can give consultancy, support and advice to ensure that you are prepared for the audit. Working with you, we will ensure that you have the skills and understanding to be able to take ownership of your management system.