Phone Icon 0333 323 3981

Contact us

ISO 27001 Consultancy

ISO 27001 requires addressing all of the information security procedures surrounding each area of your business, from the way you communicate with your clients to how you ensure your information security policy is communicated throughout your staff team.

This can be a time consuming and resource-heavy procedure, so using an experienced information security consultant to help define your scope and install your Information Security Management System can provide guidance and manageable timescales to ensure you are prepared for your audit.

Our qualified consultants are experienced in helping businesses of all sizes to identify their risks and implement a robust ISMS. We have consultants from both ISO and more technical backgrounds including CLAS and CISSP, to ensure your business gets the expert support it needs.

The consultancy support available is:

  • Gap Analysis – 2-5 days including report write-up.
    • Test current security controls against ISO 27001 Annex A
  • ISMS implementation – Consultancy days sold in blocks of 5
    • Define a security policy
    • Define the scope of the ISMS
    • Conduct a risk assessment. 
    • Manage identified risks
    • Select control objectives and controls to be implemented
    • Prepare a statement of applicability
  • Audit preparation – Consultancy days on request (consultant can be present on audit day/s if required)
    • Full system audit
    • Address non-conformances
    • Document preparation
    • Staff/management preparation
  • Ongoing Business support – Consultancy days on request
    • Staff training
    • Remote CISO support (Chief Information Security Officer)
    • Change consultancy
    • ISMS Forum Meeting Guidance agendas, minutes and actions 

To discuss your ISO 27001 requirements, please contact us here.


We are unique in the ability to work with businesses to take them through a three-step process to achieve security, compliance and certification, utilising strong relationships we have with consultants, auditors and certification bodies.

More info


We are able to offer independent cyber security consultancy, advice and coaching to help you identify the cyber security needs of your business and where we can recommend solutions, services and training to mitigate the cyber risk.

More info

ISO 27001 Compliance

By achieving the ISO27001 certification, you can demonstrate that you are operating at a best-in-class standard for your Information Security Management System (ISMS) for both paper and electronically based assets.

More info

PCI DSS Consultancy

Our consultants can take a lead on your PCI compliance, bringing extra resource to streamline your processes and help you to prepare compliance reports to achive the Payment Card Industry Data Security Standard.

More info

Social Engineering Consultancy

Social Engineering is the act of using various methods of manipulation to gain access to information through human interaction – often by tricking an individual into breaking normal security procedures.

More info

Policies & Procedures Training

Communicating policies and procedures through the workforce to ensure company-wide compliance is a challenging task for most businesses to face. Policies are at the heart of company culture; Staff training and continuous professional development are ...

More info

Information Security Consultancy

In addition to our off-the-shelf training courses which are suited to board members and employees, we are also able to deliver bespoke sessions which focus on your specific requirements and highlight how your staff can assess the issues regarding tod...

More info

About ISO 27001

By achieving the ISO27001 certification, you are able to demonstrate that you operate in line with a best-in-class standard for your Information Security Management System (ISMS)

More info

Data Protection Training

To familiarise all members of the workforce with the legal implications with handling, sharing and storing data. The course will demonstrate the regulations that businesses must follow to ensure they are working in line with, and are not at risk of...

More info