Examine Your Options

In this step, you’ll look at each of your implementation choices. You basically have three ways for your business to become certified in ISO 27001 or ISO 22301:

  • Go it alone – Because you have to create each document yourself, and try to figure out every step yourself, this is definitely the most labor- and time-intensive method. Lots of organizations try this first, but only a very few actually manage to become certified. Oftentimes, after several months (or even years) have gone by, these organizations find that they wasted countless hours and large sums of money without any results.
  • Bring in a consultant – A consultant can lead you through the whole process, but a huge bill follows. If money isn’t a concern and you want to go this route, be sure to use our ISO 27001 / ISO 22301 consultant checklist to fully vet the consultant you select (consultants’ knowledge and experience can vary greatly).
  • Do it yourself with professional guidance – This is the way 27001Academy does things. We give you everything you need: documentation templates, professional advice, online tutorials, and expert guidance. This way, you can get your ISO 27001 and/or ISO 22301 certification without a consultant.

Free ISO 27001 / ISO 22301 Consultation

We have ISO 27001 & ISO 22301 consultants ready to talk to you about where your organization is and what actions to take next. We know how complicated things can get, and we’re here to provide guidance you can rely on.

Find more information and support in our ISO 27001 & ISO 22301 Blog

How two-factor authentication enables compliance with ISO 27001 access controls

Access control is one of the cornerstones of security. If you cannot control who accesses what, you cannot ensure security at all. Because of that, access control remains a main focus of security teams and wrongdoers alike. Today, simple use of passwords, tokens, or biometrics is not enough to prevent ...

Enabling communication during disruptive incidents according to ISO 22301

Disasters and disruptive business incidents push people and organizations to their limits, and communication systems are among the first elements impacted. Depending on incident type and magnitude, increased demand for communication, or reduced capability of the communication infrastructure, may render communication impossible, adding more confusion to an already chaotic situation. ISO ...

Organizational resilience according to ISO 22316 – Is this another buzzword?

Both management systems standards on information security (ISO 27001) and business continuity (ISO 22301), while trying to encompass the whole organization, still lack components and dimensions to holistically protect an enterprise. The concept of resilience expands these approaches and enhances the preparedness and development of organizations. Resilience – What’s this? ...

Beyond the BCM Manager: Additional roles to consider during the disruptive incident

A crisis or disaster is something that no organization, regardless of its size, wants to go through. Because of this, many of them adopt business continuity practices, such as Business Continuity Management Systems (BCMS) based on ISO 22301, to minimize the chances of such events occurring and, if they occur, ...

What does ISO 27001 Lead Implementer training look like?

The ISMS (Information Security Management System) plays a very important role in every business these days. Since implementation of the ISMS can be a complex process (and usually differs in each industry sector), in order to participate and build this system, a good approach is to learn how to implement ...

Segregation of duties in your ISMS according to ISO 27001 A.6.1.2

Today’s automated solutions and information and communication technologies allow a few people to handle a great deal of information and processes (e.g., stock exchange operators and air traffic controllers). While this is good to improve productivity, a potential side effect is that these few people may end up gathering excessive ...