ISO27001

Why ISO27001?

ISO27001 is a well-recognised and trusted international standard. Achieving the standard will demonstrate that you are able to effectively protect your systems and data.

The process of implementation develops an Information Security Management System (ISMS), a structured approach to planning, delivery, audit and evidence for this important business discipline.

The approach incorporates a variety of ‘controls’ that include measures to protect the assets of your organisation, raise awareness among all levels of staff, keep policies fresh and respond to emerging risks and incidents.


Why Kafico?

Our skill portfolio includes information law specialists, IT experts, change management leads and, of course, ISO27001 qualified consultants. 

We love partnering with customers and working collaboratively towards their goals.

Our pragmatic, plain English approach means that you can experience the value of ISO27001 as a business system, rather than just a ‘tick box’ exercise.

The Right Partnership

Once you’ve made the decision to work towards ISO27001, you are on your way to holding the recognisable international standard for Information Security!

We recommend that you shop around and find not just a consultancy with knowledge and experience, but someone you can imagine partnering well with. Depending on the maturity of your business, the implementation process can take between six and twelve months.

Best results depend on a commitment to the process and a Senior Leadership Team that can drive it and allocate resources to keep momentum going throughout.


Our Approach

Our team will initially meet with you to understand your business, its processes, stakeholders, dependencies and system maturity. We will discuss any key deadlines as well as any particular gaps or concerns you may be aware of.

As much as possible, we will seek to work with the framework you already have and complete an initial gap analysis. We will present this to you along with the recommended plan for achieving the necessary standard, including what resources might be necessary to achieve this.

We will meet with you regularly, guiding you through the process and developing bespoke materials that fit into your current governance structure.

When it’s time for audit, we will work with you to prepare, ensuring that you have all the necessary confidence to assert and evidence a strong and enduring Information Security Management System.

Maryna Pankratova

Remedy Healthcare Solutions, Governance and Standards Manager

"Apart from being our DPO, Emma and Kafico have helped us prepare for the ISO 27001 audit. I can say that the audit preparation went smoothly, Emma got involved in every little detail and was very clear about everything we needed to do to achieve our goal. Emma is a true professional in her field and there is no question she cannot answer.

Being always there for us, Emma exceeded our expectations of what a good “contractor” is and I am sure every individual or a company engaging with Kafico or Emma herself, makes the right choice.
During our cooperation we have managed to develop a set of crucial documents allowing us to pass the audit, but also it is important that Emma does not see this process as an obligatory tick of the box, but also as a forever continuing exercise to make sure we as a company are compliant not only on paper. Our leadership team have now a very good understanding of what ISO Certification is and what exactly needs to be developed and maintained in the company."

Julian Young

Operations Lead, Prescribing Services LTD


"Kafico and more specifically Emma Cooper has delivered a highly professional and supportive service to our business and our clients. More importantly, Emma has applied her Information Governance expertise in a business enabling manner which has pushed our business forward and empowered many of our NHS clients to progress their priorities"