Effective Solutions. Protecting Businesses.

ISO27001:2022 & Cyber Essentials

Government, public sector and private sector businesses are demanding that their suppliers have some form of independent security certification such as Cyber Essentials, Cyber Essentials Plus or ISO27001:2022. These standards vary in cost and in how complex they are to implement and maintain, so they can present a barrier to entry for small to medium businesses.

You need to select the appropriate certification for your business and your client’s requirements, and implement it cost-effectively. We have helped numerous small and medium-sized businesses achieve Cyber Essentials, Cyber Essentials Plus and ISO27001:2022, supporting them all the way through the process. This included:

Cyber Essentials +

  • Selecting the IASME Certification body that carried out the Cyber Essentials Plus audit
  • Completing the Cyber Essentials questionnaire
  • Advising on the implementation of any technical controls

ISO27001:2022

  • Selecting the appropriate ISO27001 certification body
  • Producing all supporting documentation.
  • Supporting the onsite audits.
  • Conducting the annual ISO27001 Internal Audit

ISO27001:2013 to ISO27001:2022 Transition

  • Conduct Gap Analysis
  • Produce Project Plan
  • Update SOA, RTP, ISMS and other documentation
  • ISO27001:2013 to ISO27001:2022 Transition

Testimonials

“AJ Security Consulting has provided support to our ISO27001 Certification since 2019. They produced all our initial security documentation, selected the certification body, and provided assistance during the initial certification audit. Since then, AJ Security Consulting has provided ISO27001 advice and carried out the annual Internal Audits; more recently they carried out the ISO27001:2022 gap analysis to support our migration to the new standard.”

Director HJS Technology.

“AJ Security Consulting helped us identify the appropriate Microsoft security tools, the security configurations and provided advice on the implementation and monitoring requirements.”

CIO Lloyds Pharmacy Healthcare Services.

“In addition to supporting our ISO27001 certification AJ Security Consulting provide our DPO and CISO service. This includes responding to the numerous security and privacy questionnaires we receive from our clients and attending any follow-up calls. In addition to responding directly to the questionnaires, AJ Security Consulting have produced model answers to allow our staff to respond to the questionnaire.”

COO Qualification Check

“AJ Security Consulting has provided GDPR support to AE Tuition since 2018. They produced all our initial Privacy documentation, provided updates, carried out due diligence assessments of our data processors and are always available to answer questions and provide advice.”

Business Operations Manager AE Tuition.

“AJ Security Consulting delivered our Privacy training and identified what we needed to do to comply with the GDPR. The training was exactly what we needed as a small organisation – informative, relevant and concise. They simplified a complex subject and provided a clear plan of what we need to do next.”

Salisbury Area Music Co-operative | 2017

“AJ Security developed our information security policy framework and helped us achieve ISO27001:2013 Certification; they also helped us recruit a permanent Information security manager.”

Rajesh Gupta CFO The Northview Group | 2016

“AJ Security Consultants helped develop our information security risk assessment process and standard. He provided a wide range of pragmatic security advice and has always been available to answer questions and offer advice.”

Jon Cheyne IT Director Victoria and Albert Museum | 2015