Step One – A qualified ISO 27001 assessor will visit your premises

Once you have decided to apply for the ISO 27001 certification we will arrange an assessment date. The assessment allows us to establish which procedures you have in place so that we can compare these to the requirements of the ISO 27001 standard.

From the assessment the QMS assessor will begin drafting your ISO 27001 manual, revising or formulating any procedures which are required for your organisation to meet the Standard. At this point the draft manual and assessment report will be submitted to an independent technical panel for review.

Step Two – You will receive the assessment report and Gap-Analysis

Following review, the assessment report and gap analysis will be forwarded to your organisation highlighting any rectifications which will need to be completed before you receive your ISO 27001 certification.

Step Three – ISO 27001 Certification

Around 45 days after the assessment date your assessor will return on a pre-booked date to present you with your ISO 27001 manual and certificate, subject to the manual being approved. Presuming all rectifications have been carried out during this time the draft manual and ISO 27001 certificate will be presented to your organisation.

It is your organisation’s responsibility to check over the manual for any referencing inconsistencies (e.g. spelling of names). Once this is done, we will make the necessary changes and send out ‘Issue 1′ of the final manual by electronic format for you to maintain.

Annual Audits

As per the ISO 27001 standard an annual audit must take place over the period of certification to ensure the Information Security Management System is being operated effectively and is achieving its objectives.

To find out more and begin the certification process you can call us today on 0845 86 26 246 or email us at enquiries@qmsuk.com.