ISO 27001

Get Compliant. Stay Compliant.

ISO 27001 Consultants

ISO 27001 Certification and Consultancy Services

ISO 27001 Consultancy Services and Certification in Greater Manchester, Yorkshire and the UK

ISO 27001 (formally known as ISO/IEC 27001:2013) is the international standard that provides the specification for a best-practice information security management system (ISMS). ISMS is a framework of policies and procedures that includes all legal, physical and technical controls involved in an organisation’s information risk management processes.

As one of the most popular and recognised information security standards in the world, more and more business customers ask their suppliers for the ISO/IEC 27001:2013 certification to prove their compliance. At CDS we can assist your business and provide a full ISO 27001 consultancy service to get your business ready for certification.

The ISO 27001 framework was developed to provide a model for establishing, implementing, operating, monitoring, reviewing, maintaining and improving an information security management system.

Our consultancy service starts with a GAP analysis to provide an audit of your current situation and highlight areas of non-conformance in relation to ISO 27001 readiness. With over 10 years of industry experience our consultants can then help you implement the necessary changes to make you ready for ISO 270001 certification. We can take ownership of the entire process for you and provide your staff with the training that they need to help them review and maintain your information security management system in line with ISO 27001 standards.

As part of the ISO 270001 certification regular internal auditing needs to be carried out as well as continuing to update your policies and procedures in line with changing business requirements. At CDS our ISO 27001 consultancy services can provide you with the assistance and support you need to successfully maintain your ISMS implementation and certification.

Discover how CDS can assist in getting your business ready for certification. We have an expert team of consultants who through their collaborative approach will aid you in achieving ISO 27001 compliance.

ISO 27001 Services

If you are at the initial stages of planning your journey to ISO 27001 Certification, a Gap Analysis is an ideal place to start. Our Gap Analysis is a brilliant initial audit to assess your current situation in terms of ISO 27001 readiness and identify areas of non-conformance in relation to the current ISO 27001 standard. This can then form the basis of your roadmap to ISO 27001 conformance.

Key Differentiators:

  • Completely bespoke programme and schedule of work through consultative scoping
  • Thorough audit on-site with a comprehensive review of policies and procedures. CDS will then deliver a tailor-made action plan to outline your roadmap towards conformance, creating a bespoke report of work outlining our findings.
  • Very quick turnaround, Get your report within 7 days of the site visit
  • A low cost/ High impact first step toward ISO 27001 certification
  • Minimal disruption to BAU

Once CDS have carried out a gap analysis and provided a report listing all recommendations with a priority rating against each one, you will have a clear roadmap to ISO 27001 certification. You can either implement these recommendations yourself or enlist our qualified practitioners to help implement and improve the areas of concern. Our qualified practitioners can take ownership of all or part of the ISO 27001 certification plan and make sure that this has been implemented across all relevant areas of the business.

Key Differentiators

    • All consultancy is carried out by our fully qualified practitioners and consultants with over 10 years of industry experience.
    • Through our transparent and consultative approach, we can mentor incumbent resource on areas of conformance as part of the service.
    • CDS can be involved as much or as little as your require, with the ability to take complete ownership of a project and see it through to completion.

There are a total of 114 controls across 14 different categories in ISO 27001. You do not necessarily have to implement them all as not all these controls are relevant to every organisation. However, those that are applicable, require regular internal auditing. Our qualified consultants can support you with these audits.  

Key Differentiators

    • All audit consultancy is carried out by our fully qualified consultants with over 10 years of industry experience.
    • Through our transparent and consultative approach, we can mentor incumbent resource on areas of conformance as part of the service.

Training is a large part of compliance. Creating an Information Security Management System (ISMS) alone will not equate to ISO 27001 certification. Organisations must then ensure that this Information Security Management System (ISMS) is embedded and followed throughout the entire organisation. Regular training is the best way to make this happen.

CDS provide on-site training solutions bespoke to your organisation. Rather than generic training sessions, we use your Information Security Management System (ISMS) to tailor our training sessions to your organisation.

Key Differentiators

    • Fully qualified and experienced trainers
    • Bespoke training solutions
    • Classroom based training
    • Tailored on-the-job training
    • Interactive training sessions

Getting your ISO 27001 certification is great, maintaining your ISMS is an on-going process. CDS can help you in every aspect of maintaining your certification, some of these aspects are:

    • Adhering to all the policies and procedures in the ISMS
    • Continually updating the policies and procedures in line with the changing requirements of your organisation
    • Performing internal audits

Key Differentiators

    • All consultancy is carried out by our fully qualified practitioners and consultants with over 10 years of industry experience.
    • Through our transparent and consultative approach, we can mentor incumbent resource on areas of conformance as part of the service.
    • CDS can be involved as much or as little as your require, with the ability to take complete ownership of a project and see it through to completion.

CDS offer bespoke fully managed on-going annual support services. This allows your organisation to work towards and maintain your ISO 27001 certification whilst controlling budgets and resources. Essentially, we become an extension of your in-house team or in some cases, we become your team.

As well as taking care of any remediation action necessary based on the findings of the gap analysis, CDS can undertake ad-hoc consulting briefs and take ownership of implementing and delivering individual projects. 

All bespoke support service agreements include access to a business hours helpdesk and a fully qualified on-site consultant. In order to provide costings for this service, CDS would agree with you how often you would like your on-site consultant to visit and how much remote support desk assistance you would require. Using this information, CDS can provide you with an annual cost for the service.

Key Differentiators

    • Tailored / bespoke contracts to meet your exact requirements
    • Low cost and effective data protection support partner
    • Full end to end support for achieving and maintaining ISO 27001 certification
    • Fully qualified professionals with considerable industry and legal experience
    • Remote and on-site support provided

CDS have partnered with KnowBe4, the world’s largest integrated platform for awareness training combined with simulated phishing attacks. Their training platform covers data protection and cyber security. This training platform gives you access to a library of 900+ training items comprising of interactive modules, videos, games, posters and newsletters.

You can also use this platform to send simulated phishing attacks to your employees. You can then monitor and report on the outcome of these simulated phishing attacks in order to assess which staff members require refresher training.

Key Differentiators

    • Engaging, Interactive Browser-based Training. The interactive training gives your users a fresh new learner experience that makes learning fun and engaging. With the optional gamification feature, users can compete against their peers on leaderboards and earn badges while learning how to keep your organisation safe from cyber-attacks.
    • Automated Security Awareness Program (ASAP). ASAP allows you to create a customised Security Awareness Program for your organisation to help you create and implement a fully mature training program in just a few minutes!
    • Phish Alert Button. KnowBe4’s Phish Alert add-in button gives your users a safe way to forward email threats to the security team for analysis, and deletes the email from the user’s inbox to prevent future exposure. All with just one click!