Designing reporting mechanisms to meet the needs of both your teams and stakeholders.
We will supply you with policy templates and work together to review them, identifying any gaps in your current processes. We will then ensure these policies comply with the ISO 27001:2022 standard to correct any non-conformities before the audit.
47%
Security Incidents
In February 2024, 47% of security incidents in Europe were linked to the supply chain.
68%
Recognised countries
ISO 27001 certification is recognised in an impressive 170 countries.
ISO 27001/ISMS Preparation
ISO/IEC 27001 is the top global standard for information security management systems (ISMS), detailing the essential requirements for protecting information assets. It helps organisations manage risks and safeguard data privacy.
Policies and Procedures
We provide policy and procedure templates, review them with you to identify gaps, and align them with ISO 27001:2022 standards to address non-conformities before the audit.
Breach Readiness and Incident Module
We establish an Information Security Incident Response policy, create a tracking system for incidents, and train your staff to identify, report, and escalate security incidents.
Risk Champions Framework
We help nominate and train risk champions in your organisation on ISMS principles, ISO 27001:2022, and GDPR. They will regularly discuss and escalate security risks to your Audit and Risk Committee (ARC).
ISO 27001 Certificate Preparation
We build a robust ISMS to help you achieve ISO 27001:2022 certification and establish a culture of continuous improvement to maintain certification through ongoing audits.
A case study for a renowned tech provider in North West, UK.
The requirement
A tech provider in the North West identified a need to gain ISO 27001 accreditation, both to adhere to industry-standard information security practices and to reduce the admin caused by ad hoc customer audits and tenders for new business.
Need for ISO 27001
Meet industry standards and reduce admin from audits and tenders.
Analysis and Audits
Internal audits revealed gaps, leading to a governance framework.
Governance Framework
A people-focused framework assigned security roles and upheld standards.
Reduced Breach Risks
Certification boosted customer confidence and reduced breach risks.
The approach
A governance framework to meet ISO 27001 standards
An organisation-wide analysis was conducted to identify gaps in meeting the ISO 27001 standard. This included an internal audit that highlighted non-conformities requiring quick resolution, along with opportunities for improvement. A governance framework was then established, focusing on people, with ownership assigned for security policies and procedures, and the formation of a security group and information security champions to maintain standards.
The outcome
ISO 27001 certification enhances security awareness
From a commercial standpoint, the ISO 27001 certification has boosted confidence among prospects and customers, offering greater assurance in the organisation's commitment to information security. Internally, it has heightened awareness among staff, making them more proactive in identifying potential security risks early. This increased vigilance has enabled faster mitigation, greatly reducing the likelihood of a serious security breach.
Championing your business growth at every stage.
24/7 Support
Anytime, anywhere. We aim to respond within 2 hours of receiving your enquiry.
Training
We provide training on all implemented changes to empower you and your team.
Frequently asked questions
How can you assist during the ISO 27001 audit?

We will accompany you throughout the audit, helping to answer questions and provide relevant details to the auditor as needed.

How can you prepare us for the ISO 27001 audit?

We will perform an internal audit well in advance to identify any non-conformities and areas for improvement. We’ll then create corrective action plans and integrate them into a comprehensive program to ensure your ISMS is well-managed.

How can you help us build a strong ISMS?

We will conduct a gap analysis based on the latest ISO 27001 standard, assess current controls, and centralise evidence storage. We’ll establish a repository for ISMS policies and link evidence to relevant areas. Any missing evidence will be addressed through corrective action plans.

How can you assist in managing our ISMS?

We’ll help you develop tools and practices to maintain and enhance your ISMS. This includes setting up an “ISMS Champions” group to regularly review risks, handle incidents, and manage data hygiene for non-conformities and opportunities.

Need some help and advice? We have a consultant ready to provide you with a free tailored report.