Achieve ISO 27001 certification

Everything you need to get ready for the Stage 1 audit in just 5 weeks.

Try our free toolkit
ISO 27001 stamp

Do you need to certify for ISO 27001 at the request of a client but you’re not sure where to start?

Between our self-help toolkits and consultancy services, we’ve got you covered.

Get in touch

See how our ISO 27001 toolkit can help you achieve certification

  • Step-by-step guide

    A clear ISO 27001 implementation guide to quickly understand how to navigate the certification process and set up your Information Security Management System (ISMS). Learn how to define your assets, identify your risks and ISO 27001 controls, write your documentation, and implement a continuous improvement framework.

  • Asset register

    We provide you with pre-filled asset examples based on your business type to make it easier for you to document what information you want to protect.

  • Risk assesment

    Rather than spend hours trying to identify the risks yourself, we give you a pre-defined risk register based on your business type. All you need to do is pick which risks are relevant.

  • Documentation templates

    We provide you with templates for policies, procedures and forms, including the Information Security Policy, ISMS Manual covering the main clauses (4 to 10) of the standard, and all annex A controls. Log in and use these resources to certify rapidly.

What makes our toolkits different?

Our ISO 27001 online toolkits have been designed with small and medium businesses in mind.   

Most certification programmes offered by ISO consultants are tailored to larger organisations. That means you waste your time and resources on drafting documentation that is not relevant to your business; and building an ISMS that’s more complicated than it needs to be.

Only do the necessary work to certify your business quickly and cost-effectively.   

See our pricing plans

Our proven process will get your business ready for the Stage 1 audit in just 5 weeks

Hover or tap on each card to read more

30 Minute Introductory session with an ISO 27001 Consultant. At the end
of the session you will know:
  • What a management system standard is, how it works and more
    specifically what an ISMS is
  • What a “risk-based approach” to decision making means in the context
    of ISO and BS standards
  • What steps to take to achieve certification for ISO 27001
  • How to define your scope for each standard
  • Some of the key terms and definitions
  • The core ISO 27001 requirements
  • What Annex A is about and how it links to the main body of the standard
    • Identify your information assets from our Asset Register templates.
    Pick from 4 typical organisation profiles the one closest to you:
  • The "on-premise" organisation
  • The "Cloud" organisation
  • The "Virtual Service" organisation
  • The "Virtual SaaS" organisation
  • Or start from our blank template.
    • Define your risk management framework:
  • Build your Consequences and likelihood scoring matrix
  • Identify applicable risk from our risk catalogue based on your
    assets and activities
  • Score risks
  • Determine risk treatment plan
  • Determine your Statement of Applicability (SoA)
    • Writing your Documentation:
    We strongly believe that only the minimum amount of
    documentation should be produced; and it should be written
    in a way that is meaningful to those who need it, i.e. your colleagues.

    Our templates are in plain English and as short as possible.

    Using our approach will likely give you no more than 20-25
    different policies, procedures and spreadsheets to maintain.
    Build your ISMS Tracker:
  • Download our spreadsheet template or build your own in
    SharePoint 365, Azure DevOps, Jira or Gitlab
  • Download templates for all the forms your need, such as
    change requests, incident reports, nonconformities and more
    • Internal Audits:
    Use our templates to plan your audit schedule and perform
    internal audits yourself.
    Operate your ISMS:
    In the two to three months between the Stage 1 and Stage 2
    audit, you will start implementing your ISMS and learn how to
    use it in practice.
    Don't forget you will need to demonstrate to the external assessor
    at Stage 2 that your ISMS is in operation - Store your evidence
  • Meeting minutes
  • Emails
  • Reports
  • ISMS Tracker and forms
  • Logs and audit trails
    • You are now ISO 27001 Certified.

    Need a safe pair of hands?

    "We passed stage 2! Many thanks for all your support and advice - it's been absolutely invaluable. We'd never have passed without it!"
    Mark Wightman
    Mark WightmanCTO at Aluma.io
    "The penny dropped for us on the very first call with Digital Octopii where our ISO 27001 consultant explained the entire process and objectives, providing us with a good understanding of what we were trying to achieve by certifying."
    Simon Franc
    Simon FrancCEO of Kulpa
    We had an ambitious target to obtain 4 accreditation in under 12 months, there was no way we could have accomplished this without your guidance and support. You have been great to work with and made this an enjoyable process for the whole team. Through your guidance we have become more structured, efficient and compliant, opening up many more opportunities for the future. Thank you for the very professional service you have provided.
    Barry Higgins
    Barry HigginsDirector at OSS
    Previous
    Next

    Achieve ISO 27001 certification with our toolkit

    Try the free version