ISO 27001 Policy Toolkit

The ISO 27001 Policy Templates are in Microsoft Word format

No. The ISO 27001 Policy Templates are designed to be easy to implement and easy to configure. They come with an easy to follow step by step guide. You are provided with a free hour of training if you need it.

It depends on what you are trying to achieve. It works as a stand alone information security policy pack.

The policy pack is made up of individual policies as it serves a specific purpose and often people just want a subset of the policies. When you deploy information security policies into your organisation you may not need all of the policies so we make them available individually. The benefits of having individual policies are: 1. They can be shared only with the people that need the information 2. They can be allocated an owner to update them 3. You can deploy only the policies you need. In addition the 2022 update to the ISO 27001 standard explicitly calls out having a headline policy and subordinate policies.

We estimate that on average it will take you less than 1 hour. The templates require information that you know so there is nothing complicated. See how fast you can deploy a policy.

Payments are handled entirely through Stripe. They are very secure. We do not handle the payment transaction. We do not store, process or transmit your card holder data.

No, we do not support online ISMS versions of the ISO 27001 Policy Template Toolkit. There are too many downsides to online ISMS portals from ongoing costs, training, ambiguity, lack of flexibility and did we mention costs … the list is endless. A typical online ISMS SaaS Platform is on average 30x more expensive than our toolkit. The disadvantages far out way any benefits for what is a glorified document storage solution akin to One Drive or Dropbox. For small business and professionals we do not see any benefit in online ISMS portals.

An ISO 27001 Policy template is a prewritten and ready to go information security policy. It represents best practice and fully meets the requirements of the ISO 27001:2022 Information Security Standard. In 2022 the standard changed its approach to recommend topic specific policies and the ISO 27001 Policy Template Toolkit contains all of the required topic specific policies.

The ISO 27001 Policy Template Toolkit fully meets ISO 27001:2022 (the latest version of the standard) as well as all previous versions of the ISO 27001 standard including ISO 27001:2013 and ISO 27001:2017.

The benefits of using the ISO 27001 Policy Template Toolkit include:
It will save you thousands in consulting fees
It will save you over 200 hours of work creating them yourself
They full meet the requirements of all versions of the ISO 27001 Standard for Information Security

You can learn more about ISO 27001 Policies by reading The Ultimate Guide to ISO 27001 Policies.

You can expect to pay less than £10 for an individual policy and around £197 for a complete set of the required information security policies for ISO 27001.

An ISO 27001 Policy Template is a description of what you do. It is not a description of how you do it. How you do it is covered in your process and procedures documents.

The purpose of the ISO 27001 Policy Template is to fast track your ISO 27001 implementation by giving you a pre written, fully populated, ISO 27001 compliant policy based on best practice. It is desgined to save you time and money.

No an ISO 27001 Policy Template should not include process steps. It is a statement of what you do not how you do it and used to communicate to clients and employees what you do. Process steps are detailed steps that include intellectual property, propriety ways of working, staff names and contact details, and other confidential information that you would not want to share with third parties. You keep the what you do separate from the how you do it.

The main requirement for information security policies is covered in ISO 27001:2022 Clause 5.2 Policies for Information Security. Topic specific policies are also required for certain controls in the ISO 27001:2022 Annex A.

The ISO 27001 Policy Templates Toolkit is fully designed to meet the requirements of the United States (US).

The ISO 27001 Policy Templates Toolkit is fully designed to meet the requirements of Australia.