ISO 27001 - Information Security Management



ISO 27001 Assurance Program


ISO 27001:2013 and Client Charter


All organisations utilising information technology





Certificate of Confidence

3 years, subject to on-going requirements

Certification gives confidence to the organisation, its customers, regulators and/or other interested parties in the ability to effectively manage information security.



Why ISO 27001?

ISO 27001 provides requirements for establishing, implementing, maintaining and continually improving an information security management system (ISMS). The adoption of an ISMS is a strategic decision for an organisation. The establishment and implementation of an ISMS is influenced by the organisation’s needs and objectives, security requirements of interested parties, the processes used and the organisational size and structure maintained, all of which can change over time.

A sound ISMS and Statement of Accountability preserve the confidentiality, integrity and availability of information by applying a risk management process. Formal certification to the ISO 27001 international standard gives confidence to interested parties that the security risks of sharing their information with a service provider are adequately managed.

Benefits of ISO 27001 Certification

Data Integrity

ISO 27001 certification means that a business has constructed an information security management framework that allows data to be organised, protected, and accessed only by authorised personnel.

Efficient Business Operations

With an ISO 27001 certified information management system, data analysis and visualisation are made easier. This allows for evidence-based management decisions for the continual improvement of operations.

Proof of Commitment

Certification demonstrates to your stakeholders that your organisation prioritises the security and confidentiality of the data it is entrusted with.

Competitive Advantage

Any company can claim that it has strong data protection systems in place, but not everyone can back it up with an ISO 27001 certification.

How do I get Certified?

As an organisation, the steps involved for you are:

1. Applying for certification:

Review and accept our customised Proposal, and you’re underway!

2. Achieving certification:

Firstly, a pre-certification audit or “test run” will be conducted either on-site (at your premises) or off-site (at our premises) or both, to see whether your information security management systems are suitable. Areas of concern will be reported. Once concerns have been actioned, an on-site certification audit will be conducted, where we will examine the extent to which you address the program criteria. Areas of concern will be reported. Once we are satisfied there are no outstanding issues that present an unacceptable risk to you, your customers, regulators, Equal Assurance or others, we can proceed to issue a Certificate of Confidence. Well done!


3. Maintaining certification:

Depending on the level of risk, and/or whether you are transferring from another provider, we will conduct a series of surveillance audits (and in some cases special and follow-up audits) and triennial re-certification audits, to examine the extent to which you continue to address the program criteria. Areas of concern will be reported. So long as we continue to be satisfied there are no outstanding issues that present an unacceptable risk to you, your customers, regulators, Equal Assurance or others, your certification remains valid.

Your next step:

Further details regarding the specific requirements of ISO 27001 and other certification services are provided in our 'Equal Assurance' Client Charter. This and other relevant documentation are available by contacting EQAS Certification on +61 8 83382771, and we can prepare a Proposal at no cost. If you already have a proposal, simply contact us with any query.

EQAS Certification is a practice member of 'Equal Assurance', a world-wide confederation of independent certifying auditor practices and accredited partners that provides a range of internationally accredited management system assurance programs and certifications across Australia, New Zealand, and overseas.

Win new business and protect your company’s reputation with ISO 27001