ISO 27001 consultants
Let our experienced consultants help you build a useful, customised, effective and efficient ISO 27001 Information Security Management System.
Managing Director, Anfold Software
ADL Consulting's knowledge of how a software business works and their experience in the field has been invaluable. It's been an absolute pleasure working with them!Read more >
Managing Director, Inventory Hive
Working with ADL was fantastic, I just wish we'd found them before we ever started ISO 27001! I feel like we finally now understand what we're supposed to be doing and why.Read more >
We provide ISO 27001 and GDPR consultancy, information security training and internal audit services to businesses across the UK.
As qualified ISO 27001 auditors, we often see systems that are paper-heavy, cumbersome and unhelpful for the companies using them. We will help you to build a light-weight, low maintenance system that improves your security and provides useful Management Information to support your business.
Whilst you don't have to use a consultant to support you with your ISO 27001 implementation, doing so can help you to avoid the huge potential for rabbit holes, misunderstanding and misinterpretation which ultimately can save you months!
In our audit experience, we have also come across numerous consultants who are "standards people", rather than information security specialists. We would strongly encourage you to find an ISO 27001 specialist rather than generic standards consultant - the difference can save you months too!
A. Experience first...and then a bunch of other stuff - here are some quick thoughts.
Technical experience is particularly pertinent with ISO 27001. A good consultant will have multiple years of experience working in information technology. Without a technical background, some of the nuance of the technical controls can be lost.
As a consequence, we would generally counsel against a "generic ISO consultant" as, whilst they may have much experience working with Standards, they may be weak in the technical requirements of ISO 27001.
A. Not necessarily, but we think it's a good idea!
Consultants can quickly become complacent and stuck in their thinking. Auditing exposes the consultant to a wide range of implementation methods, new ways of doing things, new technologies and solutions. It's a great form of professional development.
Auditors who conduct audits for a UKAS accredited auditing bodies have to conduct "quality reviewed" regularly to ensure they are auditing to a suitable standard. This should provide some assurance that the consultant is of a suitably high standard.
Get in touch
Give us a call, or send us an email, to start the conversation and see how we can help your business to achieve ISO 27001.