ISO 27001 Frequently Asked Questions

  • What is the relation between ISO 27001 and ISMS?

    ISMS stands for “Information Security Management System”, which is the subject of the ISO 27001 standard. ISO 27001 is made up of a set of clauses that specify the requirements for establishing, operating, maintaining and continually improving an ISMS, so that an organisation can manage its information security risks and drive improvements in its security posture.

    Annex A of ISO 27001 lists a reference set of common security controls (security policy framework, HR security, physical security, network security, etc.). An organisation compares the controls it has selected through its risk treatment against this list to check that no necessary control has been overlooked, and records the outcome in its Statement of Applicability, so the annex is used to assess all aspects of the organisation.

  • ISO 27001 Annex A controls vs. ISO 27001 clauses
  • “We struggle to get funding for basic security tools/Our security posture is shocking. ISO 27001:2013 is a distant dream.”
  • Will the project impact my current operations?
  • Can Privasec certify me? What is the difference between Privasec and SAI Global?
  • Will you mitigate my risks for me? Isn’t that a conflict of interest?

Want to Become ISO 27001 Certified?

Get the ball rolling and get on your way to ISO 27001 compliance today.

Contact a Privasec consultant to get a detailed understanding of the Plan-Do-Check-Act (PDCA) ISMS cycle. Your consultant will also walk you through our baseline ISMS project plan and methodology, and get you started on the road to full ISO 27001 compliance and certification.