ISO 27001

Certification to ISO 27001, ISO 27017, ISO 27018, and ISO 27701

Contact Us

Demonstrate the Maturity of Your Information Security Management System

ISO 27001 is an internationally accepted standard for helping your organization manage the security of your services, data, intellectual property or any information entrusted to you by a third party. Obtaining a certification to ISO standards is a valuable way to differentiate your organization as it demonstrates your compliance with industry standards and your commitment to keeping information secure.

Let us help improve your Information Security Management System (ISMS) with the following:

ISO 27001

This is specifically focused on the ISMS following ISO 27002 control implementation guidance.

ISO 27017

This leverages ISO 27002 with an enhanced focus on cloud security.

ISO 27018

The international standards focused on protection of personal data in the cloud. This also leverages ISO 27002, but applies these controls and more to public cloud Personally Identifiable Information (PII).

ISO 27701

ISO 27701, also known as the Privacy Information Management System (PIMS) framework, is the data privacy extension of ISO 27001. It outlines controls and processes to manage data privacy and protect PII.

Our Proven Process

At BARR, we are committed to guiding you through every stage of your ISO 27001 certification from kickoff to final deliverable and everything in between.

Connect
  • About us
  • About you
  • Solutions
  • Proposal
ISMS Implementation and Internal Audit
  • Third-party assistance (optional)
ISO Stage 1
Kickoff
  • Discuss Stage 1 audit
  • Select dates to walk through ISO clauses 4-10
Walkthroughs
  • Review documentation
  • BARR to conclude if ISO clauses were met
Closing Meeting
  • Review nonconformities
  • Discuss next steps
Remediation
  • Develop and execute corrective action plan
  • BARR to validate nonconformity remediation
ISO Stage 2
Kickoff
  • Discuss Stage 2 audit
  • Select dates to walk through Annex A controls
Walkthroughs
  • Review documentation
  • BARR to conclude if Annex A controls were met
Closing Meeting
  • Review nonconformities
  • Discuss next steps
  • BARR to communicate certification decision
Remediation
  • Develop and execute corrective action plan
  • BARR to validate nonconformity remediation
Certification
  • Draft report
  • Quality review
  • Issue report
Celebrate & Optimize
  • Debrief
  • Rate engagement
  • Improve security
  • Next steps (includes annual surveillance)

Why BARR for Certification to ISO standards

  • BARR specialists have deep expertise in implementing effective Information Security Management Systems
  • Trusted advisor to some of the fastest growing cloud service providers (IaaS, PaaS, SaaS) in the country
  • Serving the most regulated industries including technology, financial services, healthcare and government
  • Nearly 100% client retention rate
  • Competitive, fixed rates to accommodate growing enterprises
  • We put you and your business first, providing unparalleled communication and accessibility at all times

Contact Us for a Free Consultation

We’re here to help you! Speak with a BARR specialist about your security and compliance needs.

Recent Blog Posts

BARR Experts Weigh in on The 2022 Verizon Data Breach Investigations Report

| Company Culture, News, Security, Vulnerability Management | No Comments

Each year, Verizon researchers release the annual Data Breach Investigations Report (DBIR). Verizon began releasing the report in 2008, and for the past 15 years, the DBIR has been one…

BARR Associates Honor Pride as a ‘Celebration of Life’ this June and Beyond

| Careers, Company Culture | No Comments

According to a study by VMLR, workplace belonging leads to a 56 percent increase in job performance. At BARR Advisory, we value belonging, which is why Pride is more than…

How To Use an Information Flow Map to Determine the Scope of Your ISMS

| Company Culture, Security | No Comments

By: Brett Davis, senior CISO consultant  An information security management system (ISMS) is a critical component of every organization. An ISMS consists of the documented set of security controls in…

Contact Us for a Free Consultation

We’re here to help you! Speak with a BARR specialist about your security and compliance needs.

Contact Us for a Free Consultation

We’re here to help you! Speak with a BARR specialist about your security and compliance needs.