ISO/IEC 27001 specifies a set of standards that assist organizations establish, implement and maintain controls for the protection of critical IT assets. These controls are used in conjunction with ISO/IEC 27002 to establish standards for maintaining and continually improving an information security management system. Our team of compliance consultants has extensive experience in assessing, base-lining, facilitating, and making recommendation against the ISO 27002:2013 framework for organizations of any size.

Contact Us for More Information


  • Create an overview of your ISO 27001/27002 risk profile and review your current policies, processes, and procedures related to ISO 27001/27002 compliance.
  • Conduct an assessment of your current performance in line with the ISO 27001/27002 framework and your risk profile then identify the vulnerabilities, both organizational and technological.
  • Make recommendations for improvement of your control environment in line with the ISO 27001 framework and develop a practice-based protection strategy and risk mitigation plan to support the organization’s mission and priorities.
  • Assess your current ISO 27001/27002 compliance training.
  • Assess by line functions and internal audit your current level of ISO 27001/27002 compliance monitoring.


  • Your review procedures will closely resemble those used by the audit community.
  • We will create a report that identifies gaps in your organization’s compliance with the ISO 27001/27002 standard.
  • Our compliance professionals work with your team to find solutions to compliance problems.
  • Your employees can focus on serving the needs of your customers/members while we take care of your compliance.


  • An ISO 27001/27002 risk profile report describing the risks that the organization has identified.
  • An ISO 27001/27002 gap analysis and recommendations.
  • Recommendations for inclusion or exclusion of control processes.
  • A complete review of policies and procedures against the requirements of ISO 27001/27002.