ISO 27001 Done Properly
Get Audit-Ready Without the Box-Ticking
ISO 27001 isn’t just a certificate – it’s a foundation for secure growth, stronger contracts, and serious credibility.
We help organisations design and implement practical, audit-ready Information Security Management Systems without unnecessary complexity or paperwork.
Whether you’re starting from scratch or refining an existing ISMS, we guide you from uncertainty to certification with clarity and confidence.
Who ISO 27001 Is For
We work best with organisations that:
- Need ISO 27001 to win or retain regulated contracts
- Are bidding into assurance-driven environments like tech, defence, finance, engineering, transport, or health sectors
- Have been asked for certification by enterprise clients
- Want governance done properly – not just “to pass”
We don't do cheap template packs; we work closely with clients to pass first time, every time.
Why Organisations Invest in ISO 27001
Win More Contracts
Many tenders now require ISO 27001. Secure opportunities by proving your business meets information security standards.
Build Serious Credibility
ISO 27001 signals maturity to enterprise clients, partners, competitors, and investors.
Earn Customer Confidence
Show clients and partners that data security is a top priority. ISO 27001 builds trust and gives you a competitive edge.
Improve Internal Controls
Streamline how your teams manage information security. Clear roles, repeatable processes, and structured policies.
Reduce Security Risks
Protect your data, systems, and reputation by identifying risks early. ISO 27001 helps prevent costly breaches and mistakes.
Scale Securely as You Grow
As your business expands, ISO 27001 provides the structure needed to manage security confidently across your operations.
What Makes Our Approach Different
- Led by a BSI Trained ISO 27001 Lead Implementor
- Real-world audit experience
- No scaremongering
- Pragmatic, business-aligned advice
- Proven track record
- No unnecessary bureaucracy
Not Quite Ready for Full ISO?
If full ISO 27001 certification isn’t the right step yet, we offer structured security and compliance support to help you build the right foundations.
Our Cyber Security & Compliance services include:
- Cyber Essentials certification support
- NHS DSP Toolkit guidance and submission support
- Security Partner / Virtual CISO services
- Governance and resilience advisory
These services help strengthen your organisation’s security maturity and often act as a stepping stone towards ISO 27001.
Case Study: PSL – Achieving ISO 27001 with a Practical, Business-First Approach
Overview
PSL engaged Kafico to support the development and implementation of an ISO 27001:2022 Information Security Management System (ISMS). The objective was to achieve certification while ensuring the controls added genuine value to the business, rather than becoming a box-ticking exercise.
The Challenge
PSL operates in a complex environment, with multiple services and evolving data processing activities. Key challenges included:
- Translating ISO 27001 requirements into something practical and usable
- Aligning information security controls across business functions
- Managing scope considerations, including multiple entities and services
- Preparing for Stage 1 and Stage 2 audits with confidence
- Ensuring security processes supported operations rather than slowed them down
Like many organisations, PSL needed more than just documentation – they needed clarity, structure, and a way to embed security into day-to-day operations.
Our Approach
Kafico worked closely with PSL as a partner rather than a traditional consultant. Key elements of the approach included:
- Pragmatic implementation - Breaking down ISO 27001 requirements into clear, manageable actions aligned to how PSL actually operates
- Tailored ISMS design - Building policies, risk management processes, and controls specific to PSL’s services and risk profile
- Hands-on support - Providing ongoing guidance, workshops, and real-time input rather than leaving PSL to interpret standards alone
- Audit readiness - Preparing PSL for both Stage 1 and Stage 2 audits, including documentation reviews and practical readiness checks
- Clear communication - Avoiding unnecessary jargon and focusing on what matters from both a compliance and business perspective
The Outcome
- Successful progression through ISO 27001 Stage 1 Audit
- Strong positioning for Stage 2 certification
- A structured, usable ISMS embedded within the business
- Improved clarity around risk, responsibilities, and security controls
- Increased confidence across the organisation in managing information security
Importantly, PSL didn’t just “prepare for an audit” – they built a foundation that supports ongoing growth and operational resilience.
Why It Worked
The success of the engagement came down to a simple principle:
“Make security work for the business – not the other way around.”
By focusing on practicality, clarity, and partnership, PSL were able to move forward with confidence rather than confusion.