ISO 27001 Certification

An internationally recognized, risk-based approach to managing information security.

Organizations seeking ISO certification for ISO 27001 can turn to Coalfire, a global leader in cyber risk management and compliance services to enterprises and government organizations. Coalfire ISO is one of a handful of fully-qualified certification bodies in North America accredited by the ANSI-ASQ National Accreditation Board (ANAB) and can perform certifications in the U.S. and the U.K. ANAB is an internationally-recognized accreditation body for information security management systems, designed to ensure certifying bodies like Coalfire are committed to being a value-added, competent, and cost-effective provider of assessment services to national and international standards with the highest integrity and in a timely manner.

Why ISO 27001?

Completing an ISO 27001 Certification Audit and becoming certified benefits your organization by:

  • Differentiating your organization from competitors by providing independent verification that your information security management system has met the requirements of this globally-recognized information security standard.

  • Reducing costs on additional compliance efforts. Common processes, procedures and controls implemented as part of ISO 27001 conformance can be leveraged for other compliance efforts such as PCI, HIPAA, and Sarbanes-Oxley.

ISO Gap Analysis

Coalfire ISO can provide an early stage gap analysis to determine what pieces of your ISMS are in place or what pieces are missing before you move forward to an informal pre-assessment or to the formal certification audit. The gap analysis is ideal for entities who are in the process of finalizing their ISMS.

ISO 27001 Pre-Assessment

Coalfire ISO can provide a review of your ISMS and its operation, essentially as a rehearsal for the future audit. As part of this work, Coalfire will do a document review and interview employees. The pre-assessment’s objective is to determine the degree of conformance of your system to the ISO 27001 standard and provide a green light to go for the certification audit, or maybe a yellow light if some fine tuning is necessary.

With an ISO 27001 pre-assessment, your organization will receive a formal report of any findings and remediation requirements to bring your ISMS into conformance with the ISO 27001 Standard. The pre-assessment report will bring to light non-conformities, allowing the organization enough time to address those prior to starting the formal certification audit.

ISO 27001 Certification

This is the formal certification assessment of your ISMS against the ISO 27001 standard, leading to certification. Stage 1 of the audit assesses your documentation and other information to ensure that you have all the pieces in place in readiness for the Stage 2 Audit. The Stage 2 Audit is focused on practical, ‘walking the walk’ criteria rather than just ‘talking the talk’ results, usually onsite at client locations. The certification audit can commence once the client ISMS is fully operational.

Formal reports are provided at the end of both the Stage 1 and Stage 2 audits, with the certification recommendation being made on the last day of the Stage 2 onsite.

Coalfire ISO, Inc.

Coalfire provides ISO pre-assessment and certification through its wholly-owned subsidiary Coalfire ISO, Inc.

Need help with ISO Certification?
Visit Coalfire ISO, Inc. to learn more.
