We Speak Spanish - Se Habla Español
We offer On-Site Support and / or Virtual Support with a Live Standards Expert
dedicated to your organization at your convenience.
Information Security Management Systems and Cybersecurity
A successful ISO 27001 project will require your company’s commitment to provide resources and complete goals and homework which arise as the result of the workshops shown in the menu below. Registration through a third-party registrar cannot be achieved without it. Generally, nine to twelve months is the norm for completing ISO 27001 Implementation, although it can be accomplished in six months. WCH cannot stress enough how important it is for your company to commit to the project in order to be successful.
It is possible to implement several standards at the same time. For example: ISO 9001 and ISO 27001 can be implemented simultaneously. It is even possible to add ISO 45001.
The following menu is representative of the consulting services that may be provided during an implementation project.
It is also possible to request any of these services separately on an as needed basis.
ISO 27001 Gap Analysis
On-site visit to review current documents and processes, and to determine gaps between same and the requirements of The Standard.
ISO 27001 Kick-off Meeting / Management Presentation
Staff Meeting to determine all processes in the organization and responsibilities for each.
The Presentation will focus on MANAGEMENT RESPONSIBILITY and COMMITMENT, which is essential for success of the Management System.
Review / Establish the company's Policy and Objectives.
ISO 27001 Top Level Manual
Development / editing of a manual that establishes policies for all required elements of The Standard. There are items that need to be recorded in a centralized location. WCH believes the Manual is a good vehicle for accomplishing this. Additionally, in most companies, WCH finds that customers request a copy of the Manual in their "Supplier Surveys."
ISO 27001Procedure Development
Drafting the first version of flowcharts for all required processes (usually between 10 & 20), and ensuring the company can issue procedures to the system. Procedures will be developed in flowchart format using Microsoft Word. Where possible, the company’s existing documentation will be used and / or modified as necessary.
A meeting with the appropriate employees will be scheduled to draft the procedure or process. A second meeting may be held after each participant has had an opportunity to review the draft version. Changes required will be incorporated into the procedure or process before final review and approval.
ISO 27001 Coaching and Consulting
On an as needed basis the WCH consultant will observe procedure steps and tasks, provide suggestions, and answer questions to ensure procedural documentation and corresponding actions taken by employees are mirror images.
ISO 27001 Employee Understanding & Awareness Training
WCH will provide all employees with a basic overview of the system, the Standard requirements, their responsibilities and what to expect when the registrar conducts the Registration Audit.
ISO 27001 Internal Auditor Training
A sound auditing program is vital to the health and continual improvement of the Management System. Internal System Auditors will be trained in the requirements of The Standard and process auditing techniques.
ISO 27001 Second Party Internal Audit
In lieu of Internal Auditor Training, WCH Professional Services provides qualified Internal Audit support, performing value-added audits in a cost- and time- efficient manner.
ISO 27001 Management Review Support
WCH will provide guidance and instruction so that the company can hold a Management Review meeting independently. WCH will review meeting minutes and provide any additional instruction / comment post-meeting. WCH can also provide additional support to mentor the company’s first annual Management Review meeting.
ISO 27001 Registration Audit Support
WCH can attend one day of Stage 1 of the Registration Audit and also work with the company to address any concerns that the Registration Auditor brings to light during Stage 1. It is also possible for WCH to attend Stage 2, if requested.
ISO 27001 Registrar Selection
WCH may assist in the identification and selection of a “partner” Registrar company as well as an effective Auditor from the selected company.