
ISO 27001 Gap Analysis

Have you identified all of your cyber risks? Do you have appropriate information security controls in place? Do you know what is required to achieve ISO 27001 certification?

ISO/IEC 27001 is the internationally recognised standard for effective information security management. The ISO 27001 Gap Analysis service is a specialised, in-person review of your information security regime that will give you a high-level overview of what you need to do to achieve certification to ISO 27001.

ISO 27001’s breadth of applicability can make it difficult for organisations to determine how to apply the Standard effectively and economically.

Our consultancy team has helped over 200 companies prepare for ISO 27001 certification using a methodology and tools that have been developed and honed over more than 15 years.

Get customised, personal advice from an experienced ISO 27001 implementation specialist with our ISO 27001 Gap Analysis service

Following a detailed review of your security regime, you will find out:

  1. What your security baseline looks like;
  2. Where the significant cyber security gaps are;
  3. How close you are to ISO 27001 certification readiness.

This specialised, in-person review of your security regime will provide you with the following:

  • A high-level review of your policies, procedures, management understanding and commitment, information security processes and controls.
  • On-site interviews with key managers (or online where possible).
  • Off-site assessments of existing documentation and records.
  • Assistance defining the scope of your intended information security management system (ISMS).
  • The delivery of an action plan, stipulating the resource requirements to achieve certification readiness.
  • The provision of a concise report, including a red-amber-green compliance status check against the Standard’s management system clauses and the information security controls in Annex A of ISO/IEC 27001:2013.


The ISO 27001 Gap Analysis service usually takes between two and three days. The price quoted is applicable for organisations with approximately 250 employees, and excludes any additional expenses such as travel or accommodation, if necessary. The time required to complete the gap analysis often depends upon the size and complexity of the organisation.

It pays to be cyber secure with ISO 27001.
Contact us today - email or call 0845 070 1750.