Using ISO27001 (cyber security) To secure Your Business.

ISO 27001 provides structured governance to address your true security risks

Customers and partners MUST have confidence in your services security. More recently this have become a significant challenge to all businesses. Being ISO 27001 certified is a proven means to demonstrate that you have the knowledge, capability and processes in place to protect customers data. this is seen as a valuable skill for almost all customers, as a deciding factor to use a service.

Step 1

1. Understand the role of the ISMS

Our first piece of work introduces you to the foundations of ISO 27001 and the information security issues it can help you address.

This work examines:

  • Finding the balance between negative and positive risk
  • How security supports business objectives
  • Introduction to ISO 27001
  • Processes for implementing your ISMS
  • Understanding the ISO 27001 documentation suite ISMS project planning
  • Organisational Context – mapping the security needs of your business

Step 2

2. Identify risks that matter

The work in step 2 builds upon your organisational context – identified in the previous session – by using it to structure risk identification and analysis. The multi-faceted approach to risk assessment covered here will allow you to focus resources and effort on the security issues which could realistically impact your organisation.

This work examines:

  • Review of Organisational Context exercises from Workshop 1
  • Understanding risk methodology
  • Risk identification – Top Down vs Bottom Up
  • Organisation-wide risk identification
  • Constructing your Risk Register
  • Self-assessment of your current security state
  • The role of Gap Analysis

Step 3

3. Understand effective risk control

The workshop series continues with its examination of risk procedures by evaluating your risk set, prioritising them, and determining which control measures are going to be genuinely effective in reducing your risk profile.

This work examines:

  • Review of risk exercises from the work in step 2
  • Risk evaluation
  • Determining risk appetite
  • Approaches to risk treatment
  • Overview of ISO 27001 Annex A security controls
  • What makes a good control? Effective control selection
  • ISO 27001 Statement of Applicability

Step 4

4. Structing your security response

Workshop 4 dives into developing the processes which put security governance into effect. The ISO 27001 standard requires a wide umbrella of security policies and procedures. Understanding which components are essential is key to ensuring a successful and compliant ISMS.

This work examines:

  • Review of risk and control exercises from the work in step 3
  • Simplifying control documentation for staff adoption
  • Key security policies – ensuring conformance and effectiveness
  • Planning for the worst – incident response and business continuity
  • Awareness and Engagement – making security a whole-of-organisation concern

Step 5

5. Obtaining certification

We complete the ISO 27001 series with a workshop devoted to ensuring that your ISMS is functioning correctly and your organisation reaps the benefits you expect.

This work examines:

  • ISMS and security performance evaluation
  • Identifying meaningful security metrics
  • Management review of your ISMS
  • Audit processes
  • Going for ISO 27001 certification
  • Ongoing ISMS management


I Am SCott Tunn.

With 18 years of cyber business and customer experience expertise, I helped train and guide over 250 companies. In the constantly changing field of digital services, it is my mission to provide individuals and small businesses with the skills to master the critical tactics and strategies that will keep their IP and assets safe from hackers to help drive business growth.

Why choose US?

Grow your knowledge and
stay ahead of the hackers

Secure your Ip & Data

Lorem ipsum dolor sit amet conetur adipiing elit. aulla sit amet magna is fodal otes alora.


Trusted Knowledge

Lorem ipsum dolor sit amet conetur adipiing elit. aulla sit amet magna is fodal otes alora.

Solid processes

Lorem ipsum dolor sit amet conetur adipiing elit. aulla sit amet magna is fodal otes alora.

Some Feedbacks

What people are saying


stay informed!

Subscribe to receive exclusive content and notifications