ISO 27001 Certification Requirements
ISO 27001 originated as BS 7799, first published by the BSI Group in 1995 as a code of best practice for information security management. After several revisions, Part 3 was published in 2005, covering information security risk analysis and management. Because it was aligned with ISO 27001, it was later superseded by the corresponding international standard.
The standard itself states: "It is expected that an ISMS implementation will be scaled in accordance with the needs of the organisation, e.g. a simple situation requires a simple ISMS solution."
An Information Security Management System (ISMS) helps you coordinate all of your security efforts, both electronic and physical, coherently, consistently and cost-effectively. An ISMS is a systematic approach to managing confidential or sensitive corporate information so that it remains secure, that is, available, confidential and with its integrity intact. It encompasses people, processes and IT systems.
ISO 27001 and Your Business
In the modern age, information and information systems are vital to every organisation. ISO 27001 sets out specific requirements, all of which must be met, against which an organisation's Information Security Management System (ISMS) can be audited and certified.
The latest version, ISO 27001:2013, was published on 25 September 2013 and cancels and replaces ISO 27001:2005. The 2013 standard places more emphasis on measuring and evaluating how well an organisation's ISMS is performing, and adds a new section on outsourcing, reflecting the fact that many organisations rely on third parties to provide some aspects of their IT.
The major benefit that ISO 27001 brings to your organisation is a significant competitive edge over your competitors. Customers will recognise that you manage and minimise the range of threats to which their information and yours is regularly subjected. These threats can be external, such as hackers and viruses, or internal, such as disgruntled employees or simply forgetting to back up.
Fees ISO 27001:2013
| Annual turnover | Certification fee | Annual external audit fee |
|---|---|---|
| Up to £250,000 | £1,950 | £700 |
| £250,000 to £1.5 million | £2,400 | £750 |
| £1.5 million to £3 million | £2,950 | £800 |
| £3 million to £6 million | £3,450 | £850 |
For companies with a turnover exceeding £6 million, price on application.
Fees apply to the mainland only. Fees are subject to VAT at the prevailing rate.
ALL FEES ARE INCLUSIVE OF TRAVEL & EXPENSES!