
Implementing ISO27001


ISO27001 is the international best practice Information Security Management Standard (ISMS). This page provides everything you need to help you implement an ISO27001 ISMS, in any sector, in any organisation, anywhere in the world. You can find out more about ISO27001 here and further information about the latest version of the standard, ISO27001:2013, published on 25 September 2013, here.


Getting Started

The best idea for any individual or organisation interested in ISO27001 is to gain an understanding of the Standard. Background reading is essential to understand the principles of the Standard, how it can help your organisation and what approach would be suitable for your ISO27001 project.

The revised ISO/IEC 27001:2013 standard and the code of practice ISO/IEC 27002:2013 were launched on 25 September 2013. Due to the changes presented by the new standard, there are various options to choose from regarding ISO27001 certification and compliance. Visit the ISO27001:2013 page for further information about which certification option and pathway would be best suited to your needs.

For those new to ISO27001, IT Governance recommends reading the following books:

  • Nine Steps to Success 27001:2013 – The new edition of the original no-nonsense guide to successful ISO27001 certification. Ideal for anyone tackling ISO27001 for the first time, Nine Steps to Success outlines the nine essential steps to an effective ISMS implementation.
  • An Introduction to Information Security and ISO 27001 (2013) A Pocket Guide – Up to date with the latest version of the Standard (ISO27001:2013), An Introduction to Information Security and ISO27001:2013 is the perfect solution for anyone wanting an accurate, fast, easy-to-read primer on information security from an acknowledged expert on ISO27001. This book gives a basic understanding of information security and ISO/IEC 27001.
  • IT Governance: a Manager's Guide to Data Security and ISO27001 / ISO27002 – This book is the world's premier guide on ISO27001 project management. It is the Open University's postgraduate information security textbook.
  • The Case for ISO27001 – This book offers a comprehensive description of the benefits of ISO27001. It is designed to help management make an informed decision when embarking on an ISO27001 project.

Training Courses

ISO27001 is a complex issue and training courses provide the face-to-face learning to help individuals clearly understand the principles of the Standard.

Course leaders bring clarity to complex issues and pass on knowledge accrued through years of training and practical experience. Additionally, it is extremely beneficial for delegates to learn from other delegates, sharing the real-world examples that they are experiencing in their own ISO27001 projects.

IT Governance offers a wide range of courses to support ISO27001 implementation, ranging from Foundation to Advanced level. We can also provide tailored in-house training and assist clients in acquiring the appropriate Information Security Qualifications.

Training options related to ISO 27001:2013:

All IBITGQ-accredited ISO27001 training courses include an additional ISO27001:2013 update that provides delegates with the latest information about the changes to the standard and the implications thereof for transition and certification against ISO27001:2013. Please visit our ISO27001:2013 Training page for further information.


Risk Assessment & vsRisk

Risk assessment is the core component of information security management. The vsRisk tool is the definitive risk assessment tool: it assesses risks on a structured, asset-by-asset basis and helps automate and simplify this complex process.

ISO 27001:2013: Risk Assessment support:

Customers with a Vigilant Software support contract for vsRisk will automatically have the opportunity to upgrade their vsRisk software to the requirements of the new standard once this upgraded product becomes available in early 2014.


Our consultancy services are ideal for those who understand ISO27001 and want to start an ISO27001 project, but do not have the technical expertise or resources to undertake the project themselves.

Our consultancy services can assist organisations at every step of the process, including how to sell the project to the Board and planning each step methodically.

An ISO27001 project is no small undertaking. Having expert consultants on board, with years of experience in implementing ISO27001 projects for clients worldwide, will ensure your project is delivered on time and within budget.

Our ISO27001 consultancy service uses methods and techniques that have been developed over 10 years. We can help any organisation plan, implement and deliver a successful ISO27001 project.

ISO 27001:2013 Consultancy services and support

With project support provided by our consultants, you can implement ISO27001:2013 in less time, and for much less money than it would cost to ‘go it alone’. We don’t attempt to do the job for you as some consultancy practices aim to do; rather, we deliberately transfer the knowledge that you need at each and every stage in adoption. For further information related to ISO27001:2013 consultancy, please visit our ISO27001 Consultancy page.

ISO27001:2013 Health Check

For those organisations that want to get ahead of the game, IT Governance has exactly what you need. Our ISO27001:2013 Health Check service gives you the opportunity to have your current ISMS assessed against the requirements of the new standard.

Please email us or telephone us on +44 (0) 845 070 1750 today to speak with one of our consultancy team and arrange your ISO27001:2013 Health Check or other price quotation for our consultancy services.

Fast Track Consultancy

IT Governance offers a 'Fast Track' ISO27001 consultancy service that will have your organisation ready for UKAS-accredited certification in just 3 months. From inception to completion of your ISO27001 project, IT Governance will guide your organisation toward successful certification, utilising an implementation approach and methodology which is realistic, proven and straightforward.

Our Fast Track service is available for:

  • Organisations with 19 employees or fewer, and
  • Organisations which are based at a single location

The cost is a one-off fee of £5,000 (plus expenses (at cost), VAT and certification costs).

To visit our designated Fast Track consultancy page click here, or call one of our team on +44 (0) 845 070 1750.

ISO27001:2013: Since no certification currently exists for ISO27001:2013, certification is currently conducted against ISO27001:2005. By obtaining certification through our ‘Fast Track’ service, you will be well positioned to embark on a transition to full certification once certification against ISO27001:2013 commences (which is estimated to be around March 2014).

To discuss ISO27001 consultancy, and for a free initial assessment, you can call us today on +44 (0) 845 070 1750 or email us.


ISMS toolkits are ideal for those organisations that have a solid understanding of ISO27001, want to implement ISO27001 and have a clearly defined project plan. Toolkits provide easy to follow tools and documents to make you a master of your own ISO27001 project.
Toolkits include fit-for-purpose policies and procedures, which can easily be adapted to your organisation at a much lower cost than a consultancy service.

The ISMS Toolkits can save you time and money and accelerate your ISO27001 project.

See the full range of ISMS Toolkits available

ISO27001:2013 Toolkits support for existing customers

Within 12 months of the date of purchase of a toolkit (as proven by a sales invoice or receipt), a customer can draw on us for assistance with drafting documents and is entitled to any updates made to the documentation kit reflecting changes to standards or industry best practice. This support covers understanding the documents, making sense of how they fit together, dealing with questions arising from detailed customisation issues, etc., and is delivered by email.

