ISO 27001

Certification to ISO 27001, ISO 27017, ISO 27018, and ISO 27701

Contact Us

Demonstrate the Maturity of Your Information Security Management System

ISO 27001 is an internationally accepted standard for helping your organization manage the security of your services, data, intellectual property or any information entrusted to you by a third party. Obtaining a certification to ISO standards is a valuable way to differentiate your organization as it demonstrates your compliance with industry standards and your commitment to keeping information secure.

Let us help improve your Information Security Management System (ISMS) with the following:

ISO 27001

This is specifically focused on the ISMS following ISO 27002 control implementation guidance.

ISO 27017

This leverages ISO 27002 with an enhanced focus on cloud security.

ISO 27018

The international standards focused on protection of personal data in the cloud. This also leverages ISO 27002, but applies these controls and more to public cloud Personally Identifiable Information (PII).

ISO 27701

ISO 27701, also known as the Privacy Information Management System (PIMS) framework, is the data privacy extension of ISO 27001. It outlines controls and processes to manage data privacy and protect PII.

Our Proven Process

At BARR, we are committed to guiding you through every stage of your ISO 27001 certification from kickoff to final deliverable and everything in between.

Connect
  • About us
  • About you
  • Solutions
  • Proposal
ISMS Implementation and Internal Audit
  • Third-party assistance (optional)
ISO Stage 1
Kickoff
  • Discuss Stage 1 audit
  • Select dates to walk through ISO clauses 4-10
Walkthroughs
  • Review documentation
  • BARR to conclude if ISO clauses were met
Closing Meeting
  • Review nonconformities
  • Discuss next steps
Remediation
  • Develop and execute corrective action plan
  • BARR to validate nonconformity remediation
ISO Stage 2
Kickoff
  • Discuss Stage 2 audit
  • Select dates to walk through Annex A controls
Walkthroughs
  • Review documentation
  • BARR to conclude if Annex A controls were met
Closing Meeting
  • Review nonconformities
  • Discuss next steps
  • BARR to communicate certification decision
Remediation
  • Develop and execute corrective action plan
  • BARR to validate nonconformity remediation
Certification
  • Draft report
  • Quality review
  • Issue report
Celebrate & Optimize
  • Debrief
  • Rate engagement
  • Improve security
  • Next steps (includes annual surveillance)

Why BARR for Certification to ISO standards

  • BARR specialists have deep expertise in implementing effective Information Security Management Systems
  • Trusted advisor to some of the fastest growing cloud service providers (IaaS, PaaS, SaaS) in the country
  • Serving the most regulated industries including technology, financial services, healthcare and government
  • Nearly 100% client retention rate
  • Competitive, fixed rates to accommodate growing enterprises
  • We put you and your business first, providing unparalleled communication and accessibility at all times

Contact Us for a Free Consultation

We’re here to help you! Speak with a BARR specialist about your security and compliance needs.

Connect With BARR

Recent Blog Posts

BARR Advisory Celebrates Nine Years on Founder’s Day

| Company Culture | No Comments

Nine years ago today, Brad Thies founded BARR Advisory, a cloud-based solutions provider dedicated to simplifying the path to security and compliance for mission-driven companies aiming to build long-term cyber…

BARR Advisory Releases Whitepaper: HITRUST e1 Assessment Lowers the Barrier to Entry on Cybersecurity

| Press Releases | No Comments

KANSAS CITY, Mo. — A new whitepaper from BARR Advisory breaks down the fundamentals of the HITRUST e1 Assessment and explores how the new framework lowers the barrier to entry…

Everything You Need to Know About the New HITRUST e1 Assessment

| HITRUST | No Comments

HITRUST CSF recently added a new assessment to their portfolio: the HITRUST e1 Assessment. Included in the HITRUST CSF v11 release, the e1 Assessment was designed to cover foundational cybersecurity…

Contact Us for a Free Consultation

We’re here to help you! Speak with a BARR specialist about your security and compliance needs.

Contact Us for a Free Consultation

We’re here to help you! Speak with a BARR specialist about your security and compliance needs.