top of page
Insights
The ISO 27001 Gap Analysis: What It Covers, What It Costs, and Why You Need One Before Committing
An ISO 27001 gap analysis is the essential first step before committing to certification. It tells you where you stand today, what needs to change, how much work is involved, and whether your timeline and budget are realistic. Without it, you are estimating blind.
Daniel Sampson
May 144 min read
How Long Does ISO 27001 Certification Really Take? Realistic Timelines by Company Size
How long does ISO 27001 take? It is the first question most organisations ask, usually because there is a deadline driving the enquiry. A contract that requires certification by Q3. An investor that wants to see a security framework before closing. A tender submission that demands evidence of information security governance.
Daniel Sampson
May 74 min read
ISO 27001 vs ISO 42001: Do You Need Both? A Lead Auditor’s Honest Answer
ISO 27001 vs ISO 42001 is a comparison I am asked about constantly. Usually by companies that already hold ISO 27001 or are partway through implementation, and have started using AI in their products or operations. The question is always the same: do we need another standard?
Daniel Sampson
Apr 234 min read
bottom of page