Certification to ISO/IEC 27001 Information Security Management

Keep your information confidential with a certified ISO/IEC 27001 system and show that you have information security risks under control. Compliance with world-class standards can help you win customer trust and new business opportunities.  

How to get certified to ISO/IEC 27001

We make the certification process simple. After we have received your application we appoint a client manager who will guide you and your business through the following steps.

  1. Gap analysis 

    This is an optional pre-assessment service where we take a closer look at your existing information security management system and compare it with ISO/IEC 27001 requirements.  This helps identify areas that need more work before we carry out a formal assessment, saving you time and money.
  2. Formal assessment

    A two-stage process. First your BSI Client Manager will review your organization’s readiness for assessment by checking if the necessary ISO/IEC 27001 procedures and controls have been developed in your organization. We will share the details of our findings with you via our Assurance Portal, so that if we find gaps, you can close them.
    Next, if all the requirements are in place, we’ll assess the implementation of the procedures and controls within your organization to make sure that they are working effectively as required for certification of ISO/IEC 27001.
  3. Certification and beyond

    When you have passed the formal assessment you will receive an ISO/IEC 27001 certificate, which is valid for three years. Your client manager will stay in touch during this time, visiting you regularly to make sure your system doesn’t just remain compliant, but that it continually improves.

    You’ll be able to access all the information related to your certification via our BSI Assurance Portal. Available  24/7, you can view essential information, such as your next 12 months of visit dates, audit reports, and certificates to support you with managing your BSI assessments and promoting your success. 

    Find out more about BSI portal

Train with us and certify to ISO/IEC 27001

We use accelerated learning techniques to make sure you fully understand the ISO/IEC 27001 standard. And we put your learning into context with a blend of classroom teaching, workshops and interactive sessions.

ISO/IEC 27001 Internal Auditor (TPECS) >

This course teaches a general understanding of the concepts of the ISO/IEC 27001:2013 standard and the principles and practices of effective internal audits in accordance with ISO 19011, “Guidelines on Auditing Management Systems.” Experienced instructors explain the clauses of ISO/IEC 27001:2013 in detail and guide students through internal audits required for an ISMS based on ISO/IEC 27001:2013.

View details for ISO/IEC 27001 Internal Auditor (TPECS) >

Duration depends on delivery method

ISO/IEC 27001 Lead Auditor (TPECS) >

This course teaches a general understanding of the principles and practices of leading management system audit teams and process based audits in accordance with ISO 19011. Participants learn the clauses of ISO/IEC 27001 in detail and the entire audit process, from managing an audit program and assessing the ISMS, to reporting on audit results.

View details for ISO/IEC 27001 Lead Auditor (TPECS) >

Duration depends on delivery method