ISO 27001

Information Security Management Systems

What is ISO 27001?

ISO 27001 is an internationally acclaimed framework for information security management. 

Who is it for?

ISO 27001 can help any organisation that holds secure information. This includes customer details, financial information, and employee records - so the vast majority of businesses can benefit from implementing the standard. 

How can ISO 27001 help your organisation?

ISO 27001 helps ensure the integrity and security of your corporate information and will provide a robust platform for good information security management.

Whatever form the information takes, or means by which it is shared or stored, ISO 27001 helps you ensure it is always appropriately protected to assist with the preservation of:

  • Confidentiality – ensuring that access to information is appropriately authorised

  • Integrity – safeguarding the accuracy and completeness of information and processing methods

  • Availability – ensuring authorised users have access to information when required

Once you decide to implement ISO 27001, the first step is to learn about its best practice recommendations and compare these to your existing processes. This will help you identify any gaps or weaknesses in your current quality management systems, and give practical advice on how to improve.

There are two main options for this stage – you can get one of our starter packs, or you can hire an ISO 27001 consultant to guide you through the process.

The next step is to plan how to introduce the key principles of quality management into your organisation.

Update or renew your processes according to the guidelines set out in the ISO 27001 standard, then communicate the changes internally. If you need extra support during this stage, an ISO 27001 consultant will be able to advise you and provide you with a gap analysis pre-assessment to make sure you’re ready for certification.

Once you and your consultant are satisfied that your quality management processes align with the principles set out in ISO 27001, it’s time to book your certification.

We will complete a full audit of your business processes. If they meet the requirements of ISO 27001, we will then issue you with certification.

Our Services


Prepare for GDPR with ISO 27001

EU General Data Protection Rules (GDPR) is all about protecting the security of personal information. GDPR and ISO 27001 share several key principles, including:

  • Being responsible and accountable for your data

  • Gaining the consent of data subjects to hold and use their personal information

  • Appointing a Data Protection Officer

  • Recording and investigating data breaches

Becoming certified to ISO 27001 demonstrates that your business has a robust information security management system (ISMS) in place. As long as the scope of your ISO 27001 certification identifies personal data as an information security asset, you can use ISO 27001 to comply with GDPR requirements.

Register for ISO 27001 updates, including GDPR regulations, here 

Or, for more information about how ISO 27001 can help you get ready
for GDPR contact us on 0343 249 6328


Transfer your ISO 27001 certification

If you are currently with another certification provider, you can transfer to Alcumus ISOQAR with no break in your certification. We make transferring your ISO certification convenient, and there is no fee to transfer!

We will take care of the administration and make sure that there is no disruption to your organisation. Your audit schedule can be kept the same - or changed if you would prefer.

To find out more about transferring, call 0343 249 6328.

ISO 27001 Training Courses

In addition to providing ISO 27001 certification services, we also run information security management training courses. Our ISO 27001 courses, including CQI IRCA accredited courses, are suitable for:

  • People who want to learn more about ISO 27001

  • Compliance and Quality professionals who want to implement ISO 27001 in their organisation

  • Compliance and Quality professionals who want to become ISO 27001 auditors.


ISO 27001 Certification

Why get certified to ISO 27001?


ISO 27001 certification:

  • Saves cost through reducing or eliminating the possibility of an information security breach.

  • Enables compliance by establishing that relevant laws and regulations are being met.

  • ​Strengthens corporate culture by ensuring that a commitment to information security exists at all levels through an organisation.

  • Reassures your customers that you are securely managing their data to a high standard

  • Reduces the likelihood of a potential security breach and the costs associated with data loss

  • Enhances your reputation as a trustworthy business partner and demonstrates a commitment to best practice information security management

Why get certified with Alcumus?

Our certification body Alcumus ISOQAR is accredited by the UK’s national accreditation body, UKAS.
Being UKAS-accredited means that ISOQAR has been judged to be a competent certification body by a highly-qualified independent source. We provide accurate and impartial certification services that you and your stakeholders can trust.