What is ISO 27001:2013?

It is the International Standard for Information Security, recognised across the world as the framework of best practice for information security. Compliance with it can be externally checked and certified by an independent body.

All certification bodies within the UK should be approved by UKAS (UK Accreditation Service).

The International Standard is risk-based and requires the identification of all assets and the risk each one poses to the information security of the business. These risks can be mitigated using the listed controls, which cover all of the main processes and procedures that a business would encounter. As with other things like Health and Safety, the standard needs to become part of the staff culture to be effective, and it requires leadership from above to maintain its effectiveness.

The certificate for a business lasts for 3 years and is subject to the certification body returning at regular intervals to check on compliance. This happens at least once a year, with the frequency dependent on the size and complexity of the business.

What can we offer?

  • ISO27001 Implementation Consultancy

  • ISO27001 Compliance Assessments

  • ISO27001 Internal Audits, where a certified business lacks the resources to carry them out itself

For more details, email Steve or call
07971 575442
01834 814814

© Coast Consultants Ltd 2019