Compliance

ISO 27001
audit.

ISO/IEC 27001:2022 is the global benchmark for information security management. We handle readiness assessments, Annex A 8.8 technical vulnerability management, and Annex A 8.29 security testing — auditor-ready evidence included.

27K

What we deliver.

  • Readiness assessment — gap analysis against Annex A 2022 controls
  • Technical control testing — evidence for A 8.8, 8.9, 8.16, 8.20, 8.21, 8.29
  • Penetration testing aligned to A 8.8 (technical vulnerabilities) and A 8.29 (security testing during development)
  • Annual surveillance testing for maintaining certification
  • Risk treatment plan input for your ISMS

Annex A 2022 highlights we test.

  • A 5.7 Threat intelligence
  • A 8.8 Management of technical vulnerabilities
  • A 8.9 Configuration management
  • A 8.16 Monitoring activities
  • A 8.20 Networks security
  • A 8.21 Security of network services
  • A 8.23 Web filtering
  • A 8.24 Use of cryptography
  • A 8.25 Secure development life cycle
  • A 8.26 Application security requirements
  • A 8.28 Secure coding
  • A 8.29 Security testing in development and acceptance

Auditor-ready evidence.

We’ve worked with the major UKAS-accredited certification bodies (BSI, LRQA, DNV, NQA) and structure our deliverables to satisfy their evidence expectations the first time. Sample evidence includes scoping, methodology, tester qualifications, full technical findings with remediation status, and retest attestation.

Related work.

Get ISMS-ready

SCOPE A 27001
engagement.

Free 30-minute call. Auditor-ready evidence pack delivered with every engagement.

Book Free Scoping Call →All Services