ISO 27001 Information Security Management

Helping you on your journey to GDPR compliance

What is ISO 27001?

ISO 27001 is an internationally acclaimed framework for information security management. ISO 27001 is applicable to all sectors of industry and commerce and addresses the security of information in whatever form it is held.
Whatever form the information takes, or means by which it is shared or stored, ISO 27001 helps you ensure it is always appropriately protected to assist with the preservation of:

  • Confidentiality – ensuring that access to information is appropriately authorised

  • Integrity – safeguarding the accuracy and completeness of information and processing methods

  • Availability – ensuring authorised users have access to information when required

Benefits to your organisation:

  • Cost savings through reducing or eliminating the possibility of an information security breach

  • Enables compliance by establishing that relevant laws and regulations are being met

  • Strengthens corporate structure by ensuring that a commitment to information security exists at all levels throughout an organisation

Why seek certification to ISO 27001?

Obtaining a certificate from a third party certification body demonstrates that you have addressed, implemented and controlled the security of your information. ISO 27001 provides a framework to give assurance that an organisation’s information security measures are effective.  


Certification to ISO 27001...  

  • Helps to align your organisation with the new requirements of GDPR

  • Comforts customers, employees, trading partners and stakeholders – in the knowledge that your management information and systems are secure 

  • Demonstrates credibility and trust

  • Can lead to cost savings. Even a single breach can involve significant costs

Prepare for GDPR with ISO 27001

EU General Data Protection Rules (GDPR) is all about protecting the security of personal information. GDPR and ISO 27001 share several key principles, including:

  • Being responsible and accountable for your data

  • Gaining the consent of data subjects to hold and use their personal information

  • Appointing a Data Protection Officer

  • Recording and investigating data breaches

Becoming certified to ISO 27001 demonstrates that your business has a robust information security management system (ISMS) in place. As long as the scope of your ISO 27001 certification identifies personal data as an information security asset, you can use ISO 27001 to help demonstrate compliance with GDPR.

Although ISO 27001 does not cover all elements of GDPR, it helps organisations put the relevant checks and procedures in place to minimise risks, demonstrate best practice and encourage continuous improvement.

For more information about how ISO 27001 can help you get ready for GDPR, contact us on 0343 249 6328.

Why choose Alcumus ISOQAR for your certification?

Once you decide to implement ISO 27001, the first step is to learn about its best practice recommendations and compare these to your existing processes. This will help you identify any gaps or weaknesses in your current quality management systems, and give practical advice on how to improve.

There are two main options for this stage – you can get one of our starter packs, or you can hire an ISO 27001 consultant to guide you through the process.

The next step is to plan how to introduce the key principles of quality management into your organisation.

Update or renew your processes according to the guidelines set out in the ISO 27001 standard, then communicate the changes internally. If you need extra support during this stage, an ISO 27001 consultant will be able to advise you and provide you with a gap analysis pre-assessment to make sure you’re ready for certification.

Once you and your consultant are satisfied that your quality management processes align with the principles set out in ISO 27001, it’s time to book your certification.

We will complete a full audit of your business processes. If they meet the requirements of ISO 27001, we will then issue you with certification.




Want to transfer to ISOQAR?

If you are currently with another certification provider, you can transfer to Alcumus ISOQAR with no break in your certification. We make transferring your ISO certification convenient, and there is no fee to transfer!

We will take care of the administration and make sure that there is no disruption to your organisation. Your audit schedule can be kept the same - or changed if you would prefer.

To find out more about transferring, call us on 0343 249 6328.

ISO 27001 Training Courses

In addition to providing ISO 27001 certification services, we also run information security management training courses. Our ISO 27001 courses, including CQI IRCA accredited courses, are suitable for:

  • People who want to learn more about ISO 27001

  • Compliance and Quality professionals who want to implement ISO 27001 in their organisation

  • Compliance and Quality professionals who want to become ISO 27001 auditors.