
 ISO 27001 Certification


Is your organization looking for ISO 27001 certification? Is there a timeline you are required to meet? We have the experience and track record to provide consulting expertise for ISO 27001 certification.

Core Compliance's information security consulting process includes a free gap assessment to begin the roadmap for implementing ISO 27001 and training your organization for certification.

ISO 27001:2022 update: ISO 27001:2022 (Information Security, Cybersecurity and Privacy Protection) was published on October 25th, 2022.

The number of Annex A controls has decreased from 114 to 93:

  • A.5 Organizational controls – contains 37 controls
  • A.6 People controls – contains 8 controls
  • A.7 Physical controls – contains 14 controls
  • A.8 Technological controls – contains 34 controls

The new version, ISO/IEC 27001:2022, was updated and divided into 4 chapters:

  • Chapter 5 Organizational (37 controls)
  • Chapter 6 People (8 controls)
  • Chapter 7 Physical (14 controls)
  • Chapter 8 Technological (34 controls)

    The ISO/IEC 27001:2013 Information Security Management System standard was developed by the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC) under the joint ISO and IEC subcommittee.

    ISO 27001:2022 Transition Plan:

    Core Compliance can design a transition plan for your organization to achieve compliance with ISO 27001:2022, covering:

    • The new Annex A structure containing all 93 controls
    • Updates for the changed high-level requirements
    • All new and updated policies and procedures (for reference)
    • A new Statement of Applicability
    • A new Monitoring Plan
    • A new Internal audit program
    • A new Internal audit report template
    • Instructions on how to merge the contents and update your existing ISMS

    ISO 27001 ISMS Mapping


    ISMS Policies, Procedures


    ISO/IEC 27001 information security management documentation can include policies, procedures, risk assessment and treatment for Annex A controls, logs, and flow-charts. Developing all the required ISMS documentation should start with choosing a cloud-based online platform to manage this process.

    Document control is important for keeping a consistent style and format for each type of material and, even better, consistent elements across all of them to bind them into a coherent, professional suite.

    ISO 27001 Consulting


    We provide ISO 27001 consulting at whatever stage your organization is at with regard to compliance.

    1. Starting from scratch on your path to ISO/IEC 27001 certification: our consultants walk your team through each requirement in building the ISMS management system
    2. Transitioning your ISMS management system to ISO 27001:2022

    Current state: we provide an initial gap analysis of your company’s current state against the requirements and provide a clear road map to certification within your timeline and budget. Core Compliance offers packages that can be customized to your business to get you started on your path to ISMS certification. Our experts guide your employees with proper training and design to remove the complexity of understanding the ISO 27001 requirements for an Information Security Management System.

    ISO 27001 Certification Process


    The Information Security Management System is based on the Plan, Do, Check, Act model with specific reference to policy controls. Core Compliance provides a road map for the ISO 27001 certification process, with guidance that focuses on setting policies, a strategy for implementing controls to achieve security objectives, and specific road maps to achieve control implementations within systems.

    1. Information Asset Management
    2. ISO 27001 Facilitated Risk Assessment 
    3. ISO 27001 Risk Treatment and Control Implementation
    4. ISO 27001 Internal Audit
    5. ISMS Effectiveness Assessment
    6. ISO 27001 Control Maturity and Effectiveness Assessment
    7. ISMS Continual Improvement