If you’re just getting started, the process of getting ready for ISO 27001 certification can be overwhelming.  

Completing a risk assessment, building your ISMS, writing policies and implementing controls — it’s difficult to know where to start, and little practical guidance is available for those pursuing ISO 27001 certification for the first time. 

We’ve created this section to help you identify opportunities to save time and effort, understand best practices for preparing so you go into your audit confidently, and ultimately come out with a certification in hand. 

Here’s everything you need to know about preparing for ISO 27001 certification audits. 

ISO 27001 Documentation: What’s Required for Compliance?

Find a list of documents you’ll need to prepare ahead of your certification audit.

ISO 27001 Evidence Collection List for Your Certification Audit

Learn what evidence you’ll need to collect to prove the strength of your security controls to your auditor.

How to Do an ISO 27001 Risk Assessment

Follow a step-by-step process for completing a risk assessment, plus find resources to simplify and streamline along the way.

How to Conduct an ISO 27001 Internal Audit

Learn how often you should conduct an internal audit, the steps for completing one, and get an internal audit checklist to guide you through.