ISO 27001 Gap Analysis

ISO 27001 and ISO 27002 2022 updates

ISO/IEC 27001:2022 – the newest version of ISO 27001 – was published in October 2022.

Organisations that are certified to ISO/IEC 27001:2013 have a three-year transition period to make the necessary changes to their ISMS (information security management system).

For more information about ISO 27001:2022 and its companion standard, ISO 27002:2022, and what they mean for your organisation, please visit ISO 27001 and ISO 27002: 2022 updates

Download your copy of ISO 27001:2022 here

Download your copy of ISO 27002:2022 here

Building an ISMS (information security management system) that meets the requirements of ISO 27001 can be a challenging project.

ISO 27001’s breadth of applicability can make it difficult for organisations to determine how to apply the Standard effectively and economically, so conducting an ISO 27001 gap analysis is an important starting point when putting a prioritised plan in place.

What is an ISO 27001 Gap Analysis?

An ISO 27001 gap analysis provides a high-level overview of what needs to be done to achieve certification and enables you to assess and compare your organisation’s existing information security arrangements against the requirements of ISO 27001.

It is the ideal solution for organisations that need to measure their current state of compliance against the Standard and enables you to scope your ISMS parameters across all business functions.

Watch our video to discover how a gap analysis will help your organisation.

Speak to an ISO 27001 expert today

Get in touch with one of our qualified ISO 27001 specialists for free practical advice on the ISO 27001 gap analysis process. If you are not eligible for the quoted service, please contact us to discuss your requirements and we will provide a quote based on your specific needs.

Enquire now

Get a true picture of your ISO 27001 compliance posture

IT Governance’s ISO 27001 Gap Analysis service provides a detailed review of your current information security posture against the Standard's requirements.

Conducted by an ISO 27001 specialist, this service will give you an informed assessment of:

  • Your compliance gaps;
  • The proposed scope of your ISMS;
  • Your internal resource requirements; and
  • The potential timeline to achieve certification readiness.

Additionally, an in-person gap analysis will provide you with the information necessary to develop a strong business case for implementing an ISO 27001-compliant ISMS.

Invest in a gap analysis for your organisation today

ISO 27001 gap analysis

What should you expect from an
ISO 27001 gap analysis?

Our ISO 27001 Gap Analysis service consists of two key phases – an initial analysis of your existing information security arrangements and documentation, followed by a gap analysis report collating the findings.

View the full service description

View a sample gap analysis report excerpt

Why choose IT Governance?

  • We are the global pioneer of ISO 27001 – our management team successfully led the world’s first ISO 27001 certification project.
  • Our approach has been honed over 15 years, during which time we have trained more than 7,000 professionals on ISMS implementations and audits worldwide and helped more than 800 consultancy clients achieve ISO 27001 certification and compliance.
  • Our ISO 27001 consultancy services come with a 100% guarantee that you will achieve certification within the timeline of the agreed project.
  • We have a proven and pragmatic approach to assessing compliance with international standards, no matter the size or nature of your organisation.
  • Our pricing proposals are completely transparent, so you won’t get any surprises.
  • You will receive expert advice and guidance from our consultants from the outset to help you develop a business case, allowing you to secure the necessary leadership commitment and investment.
Risk Assessment
Workshop
22 Oct