Build an audit-ready ISMS and show continual commitment to information security
ISO/IEC 27001 is an internationally recognised framework and certification for information security management. Often viewed as the gold standard, ISO 27001 demonstrates a continual commitment to strong security behaviours and processes to your staff, suppliers and customers through an Information Security Management System (ISMS) that is risk-led, documented, tested, and continuously improved. Lockdown helps organisations plan and prepare for ISO 27001, including review and assessment, conducting internal audits, and ongoing maintenance of the assembled ISMS.
- Establishes a continuous Information Security management programme
- Considered a gold standard certification (globally recognised ISMS standard)
- Builds strong cyber security processes and controls (risk-led ISMS + control framework)
- Demonstrates cyber security assurance to customers, suppliers and stakeholders
- Format: ISO 27001 readiness + gap assessment, ISMS build support, internal audit, certification preparation (Stage 1/Stage 2 support)
- Duration: typically 8–16 weeks for readiness (depends on scope, complexity, and resourcing). Maintained over a 3 year cycle.
- Audience: leadership (sponsor/approver), IT/engineering, security/compliance, ops Operations, HR (policies), key process owners
- Ideal for: organisations that need a recognised ISMS for enterprise procurement, regulated environments, supply chain assurance, and long-term security governance
- What's included: scope definition, risk assessment method, ISMS documentation pack, control mapping, evidence planning, internal audit, corrective action plan, maintenance approach (continual improvement)
ISO 27001
Common problems
“Customers are asking for ISO 27001 and we don’t know where to start.”
Explore problem →
Recommended focus: scope + simple implementation plan
You’ll get: practical steps, owners and evidence requirements
“Our scope is unclear. Does ISO 27001 have to cover the whole company?”
Explore problem →
Recommended focus: sensible scoping + boundary definition
You’ll get: a scope that fits your business needs, meeting ISO 27001 requirements
“We have policies, but we don’t have a working ISMS with risk management and ongoing review.”
Explore problem →
Recommended focus: ISMS structure + risk-led controls + governance
You’ll get: ISMS that’s built around your real risks
“Internal audits feel intimidating and we don’t have the capability.”
Explore problem →
Recommended focus: internal audit plan + evidence approach
You’ll get: an internal strengthening ISMS plus a corrective action process
“We’re worried the certification audit will uncover gaps we can’t fix quickly.”
Explore problem →
Recommended focus: gap assessment + prioritised corrective actions
You’ll get: an action plan that closes risk issues
“We want ISO 27001 to be sustainable, not a one-off compliance sprint.”
Explore problem →
Recommended focus: continual improvement + maintenance cycle
You’ll get: a repeatable maintenance (reviews, audits, improvements) that keeps ISMS effective
What this service includes
- ISO 27001 scoping session (systems, teams, locations, suppliers, boundaries)
- ISMS design aligned to ISO/IEC 27001 requirements (governance, documentation, ownership)
- Risk assessment method and risk treatment planning (risk-led control selection)
- Control framework mapping and practical implementation support
- Policy and procedure pack tailored to your organisation (usable, not generic)
- Evidence planning (what auditors will expect, where it lives, how to keep it consistent)
- Internal audit delivery and corrective action plan (what to fix, in what order)
- Certification preparation support (pre-Stage 1/Stage 2 readiness checks and audit coaching)
- Ongoing maintenance approach so the ISMS stays current and improves over time
Ask for price
Tell us your number of staff, service of interest, your sector, and timeline. If you’d like a call back, leave your phone number in the optional message field and we’ll get back to you. We’ll recommend the best-fit option and send a clear quote.
