ISO 27001

Information Security Management Systems and Cybersecurity

ISO 27001 Gap Analysis

On-site visit to review current documents and processes, and to determine the gaps between them and the requirements of The Standard.

ISO 27001 Kick-off Meeting / Management Presentation

Staff Meeting to determine all processes in the organization and responsibilities for each.  

The Presentation will focus on MANAGEMENT RESPONSIBILITY and COMMITMENT, which are essential for the success of the Management System.

Review / Establish the company's Policy and Objectives.

ISO 27001 Top Level Manual

Development / editing of a manual that establishes policies for all required elements of The Standard.  There are items that need to be recorded in a centralized location.  WCH believes the Manual is a good vehicle for accomplishing this.  Additionally, in most companies, WCH finds that customers request a copy of the Manual in their "Supplier Surveys."

ISO 27001 Procedure Development

Drafting the first version of flowcharts for all required processes (usually between 10 & 20), and ensuring the company can issue procedures to the system.  Procedures will be developed in flowchart format using Microsoft Word.  Where possible, the company’s existing documentation will be used and / or modified as necessary.

 

A meeting with the appropriate employees will be scheduled to draft the procedure or process.  A second meeting may be held after each participant has had an opportunity to review the draft version.  Changes required will be incorporated into the procedure or process before final review and approval.

ISO 27001 Coaching and Consulting

On an as-needed basis, the WCH consultant will observe procedure steps and tasks, provide suggestions, and answer questions to ensure that the procedural documentation and the corresponding actions taken by employees mirror each other.

ISO 27001 Employee Understanding & Awareness Training

WCH will provide all employees with a basic overview of the system, the Standard requirements, their responsibilities and what to expect when the registrar conducts the Registration Audit.

ISO 27001 Internal Auditor Training

A sound auditing program is vital to the health and continual improvement of the Management System.  Internal System Auditors will be trained in the requirements of The Standard and process auditing techniques. 

ISO 27001 Second Party Internal Audit

In lieu of Internal Auditor Training, WCH Professional Services provides qualified Internal Audit support, performing value-added audits in a cost- and time-efficient manner.

ISO 27001 Management Review Support

WCH will provide guidance and instruction so that the company can hold a Management Review meeting independently.  WCH will review meeting minutes and provide any additional instruction / comment post-meeting.  WCH can also provide additional support to mentor the company’s first annual Management Review meeting. 

ISO 27001 Registration Audit Support

WCH can attend one day of Stage 1 of the Registration Audit and also work with the company to address any concerns that the Registration Auditor brings to light during Stage 1.  It is also possible for WCH to attend Stage 2, if requested.

ISO 27001 Registrar Selection

WCH may assist in the identification and selection of a “partner” Registrar company as well as an effective Auditor from the selected company.


The following menu is representative of the consulting services that may be provided during an implementation project.

Your company may request any of these services separately on an as-needed basis.

It is possible to implement several standards at the same time.  For example:  ISO 9001 and ISO 27001 can be implemented simultaneously.  It is even possible to add ISO 45001.

Please call us at 570-350-9256 to discuss your project or, if you prefer, click on the link to request a quote online.

Sunnyvale, California
