
ISO/IEC 27001 Certification

The ISO 27001 certification process can be intimidating. Our expertise is in getting you fully prepared for your ISO 27001 certification, but the process doesn’t end there: we can provide support throughout the remaining steps required to be certified.


ISO 27001 Certification Process

Here is the “simplified” journey to get ISO certified:

The process for obtaining certification can be complex. Here is more information on how your ISO 27001 project can come to fruition:

Steps for Getting Certified

PPS Support (if required)

Preparation for ISO 27001 Certification

Pivot Point Security’s ISO 27001 certification consulting services have positioned dozens of our clients for successful certification.

Registrar Selection

An ISO registrar will conduct the required information security audits and issue your ISO 27001 certification. Selecting the right registrar can reduce your costs and/or increase the likelihood of certification success.

PPS works with you to select the best registrars, fills out the required questionnaires, and assists in the registrar selection process.

Preliminary Screening

Most registrars will perform a quick review of the documented ISMS to determine whether it meets the requirements of the standard, prior to scheduling the formal certification audit. This is done to ensure that neither your nor their time/money is wasted on a formal audit if the ISMS is not ready.

PivotPoint’s proven ISO/IEC 27001 consulting process generates the necessary artifacts to ensure your readiness for the certification audit.

Stage 1 ISO 27001 Certification Audit

During Stage 1 of the certification audit (also commonly referred to as the table top audit), an extensive review of the ISMS documentation is conducted. This process generally extends over 2 – 3 days, with the outcome being a report on preliminary “failures” (referred to as either major or minor non-conformities). If the ISMS documentation fails to meet the required standard, the registrar will require corrective action (or corrective action plans) before proceeding to Stage 2.

PPS often provides on-site Stage 1 Certification Audit Support. That is, we are at the table, as a member of your team, working with you and on your behalf. The advantage of this approach is that having an ISMS expert there to explain subtleties of your ISMS reduces the likelihood that an auditor will issue a non-conformity. If the registrar is considering issuing a non-conformity, it is often possible to update the ISMS documentation during the Stage 1 audit to prevent a non-conformity.

Stage 2 ISO 27001 Certification Audit

During Stage 2 of the certification audit (commonly referred to as the compliance audit), the registrar will examine evidence that the ISMS is operating effectively, consistently, and in compliance with the organization’s documented ISMS (which has already been validated to meet the requirements of ISO 27001 during Stage 1).

PPS often provides on-site Stage 2 Certification Support. We are present at the different sites/locations that the auditor samples, as a member of your team, working with you and on your behalf. Having an ISMS expert on hand to explain the evidence (or “appropriate” lack thereof) reduces the likelihood that an auditor will issue a non-conformity.
