What is ISO 27001?

ISO 27001 is an internationally recognised security standard that deals with Information Security Management. It’s a way of making sure your entire business is managing information security risks and data effectively. With cyber crime on the rise, it is now also becoming a common occurrence that businesses are required to comply to certifications such as ISO 27001 in order to win new business and grow.

ISO 27001 certification can be an intensive activity, with many organisations lacking the time or skills required to achieve it, and many preferring to work with a partner such as Wanstor to help with implementation and maintenance.

Hestia Logo
Wanstor's Threat & Vulnerability scanning has given us excellent ongoing visibility into the health and security of our infrastructure. Their security and network experts advise us on how best to close the gaps and increase our security posture, supporting with the remediation effort where we need."
Nishantha Kumarage,
Senior Technical Consultant, Wanstor

How can Wanstor help with ISO 27001 certification?

Our tried and tested methodology in successfully implementing and maintaining Information Security Management Systems will ensure your ISMS meets ISO 27001 standards and keeps your information protected from security threats.

Number One

Gap Analysis

Our ISO 27001 Lead Auditors cross-check your business against ISO 27001 controls to determine what (if anything) you currently have in place. We’ll produce a detailed Gap Analysis report for full visibility of your current posture.

Number Two

Internal Audit

This is a more detailed analysis of whether your business is actually adhering to the policies and processes you have in place and identifying areas of non-conformity and improvement opportunities. We help to define the scope for your ISO 27001 audit, interview key stakeholders, conduct a review of ISMS documentation, and make observations regarding how your ISMS is managed in practice. A full ISO 27001 Audit Report will be issued.

Number Three

ISMS into SharePoint

As a Microsoft Solutions Partner and experts in SharePoint development, we can design and develop your ISMS solution using SharePoint - ideal for designing asset and risk registers and housing documentation such as policy documents, and simple to use.

Number Four

ISO 27001 Certification Audit

We’ll ensure we’ve everything ready and are on hand for your ISO 27001 audit. This is split into two stages.

Stage 1

Auditor goes through ISMS and checks everything is in place and you understand what the scope of the ISMS is

Stage 2

Goes through entire ISMS and ensures all evidence is present to demonstrate you are doing what you say you do

The ISO 27001 Framework

Securing ISO/IEC 27001 can be a complex and time-consuming activity, so why not enlist the help of our security and compliance team who, having been through our own certification process several times, are in a great position to complete this process for you.

List Number One

Establish the scope of the ISMS or Information Security Management System

List Number Two

Perform a gap analysis against ISO/IEC 27001 controls

List Number Three

Create an asset register and risk assessment

List Number Four

Create the policies and establish the organisation of the ISMS including roles and responsibilities

List Number Five

Embed the policies and procedures through staff awareness and implementation of processes

List Number Six

Take your business through the Cyber Essentials audit

Josh Lucas, Information Security Consultant, Wanstor
We develop your ISMS into SharePoint, giving you a clear, visual representation of your current posture. As a Microsoft Solutions Partner and experts in SharePoint development, we are uniquely positioned to be able to do this for customers."
Josh Lucas,
Information Security Consultant, Wanstor

Why Choose Wanstor for your ISO 27001?

Metrics Icon

Gap analysis report provides a comprehensive view of the exact ways your business conforms to ISO 27001 standards

ISO 27001 Security Icon

Our security team are experts consisting of Lead ISO 27001 Implementors, Certified Cyber Security Professionals, Certified Information Security Professionals, Certified Privacy professionals

Checklist Icon

We have years of experience auditing businesses against the ISO 27001 standards, and we do our own

Information Security Management System Icon

We develop your ISMS into Microsoft SharePoint giving a clear, visual representation of your current posture

License Icon

We also help with ISO 27001 recertifications

End-to-End Solution Icon

We can manage your supply chain certifications, giving end-to-end compliance reassurance