ISO 27001 Templates Toolkit: Consultant Edition 2022

5 out of 5 based on 5 customer ratings
(5 customer reviews)

$1,295.00

You are a consultant implementing, or wanting to implement, ISO 27001 for clients and you want the tools to do the job. Rather than spend your time keeping pace with changes and working on your own documents you would rather work billable time. 

  • Keep pace with changes to the standards with zero effort
  • Fully meets ISO 27002:2022 – get your clients ready, perform gap analysis, implement the new Annex A
  • Unlimited Use Licence – use on all your clients
  • Designed for consultants by consultants
  • Benefit from updates and continual improvement from feedback from thousands of implementations 
  • Lifetime of Updates, New ISO 27001 Templates, Changes to the Standards

Sure, you are sceptical about templates. We would be too. That is why we give you our 5 day 100% No-Risk Money Back Guarantee.

Time Saving Templates

  • No-Risk Money Back Guarantee!
  • Secure Payments
  • Immediate Digital Download
Guaranteed Safe Checkout
    Stuart Barker

    Simply Follow Our Blueprint To Success & You’ll Avoid Trial and Error deployments!

    Getting clients ISO 27001 certification can be much easier than you think. Many people simply don’t know the correct steps to take which makes them take far longer than they need to. We’ve done all the hard work for you, so all you need to do is follow our step-by-step blueprint and you’ll get your clients ISO 27001 certified in no time.

    You won’t just save time either. When you follow our advice closely, you also will earn upto £10,000 more profit per engagement than you would ever be able to achieve on your own.

    Sadly, 98% of consultants will never get their clients ISO 27001 certification in a consistent, fast and hugely profitable way. It’s not their fault, they just haven’t been taught the right way to achieve ISO 27001 certification for clients. It doesn’t have to be this way for you though.

    Praised by industry professionals just like you

    ISO 27001 Templates Toolkit Contents


    You are going to get the complete information security management system, every document, policy, template and process on the store plus bonus content. You are going to get a comprehensive step by step video guide to implementing ISO 27001 with real world, practical insights.

    You also have up to an hour of my time for free, 1 to 1.

    You get 12 months of access to all updates, changes and future templates we create.

    Included:

    ISO 27001 Templates Toolkit Consultant Edition

    Save months of work and effort creating, updating and adapting your Information Security Management System.

    Easily keep paces with changes to the standards. Let us take care of the updates.
    ISO 27001 Audit Toolkit ISO 27001 Policy Templates Consultant Edition

    Conduct effortless ISO 27001 Gap Analysis and Internal Audits with ease.

    Audit against the ISO 27001:2013 control set for current sets and get your clients ready with the ISO 27002:2022 control set.
    ISO 27001 Policy Templates Consultant Edition

    29 pre written information security policies that you can deploy into clients in a matter of hours not days showing you exactly what you need to do.

    Policies that meet multiple information security standards and pass audits.
    Business Continuity Templates Toolkit Consultant Edition

    Protect your clients with the complete business continuity toolkit aligned to and meeting ISO 22301.

    You are going to get over 50 documents, policies, templates and processes with step by step, easy to follow guides and video walk throughs of key documents. This is everything on the store PLUS bonus content. We have included a pre-popluated and direct mapping of The ISO 27001 standard to the templates to show you exactly how it meets the requirements and which control the documents satisfy .

    • Organisation Overview
    • Context of Organisation
    • Documented ISMS Scope
    • Legal and Contractual Requirements Register
    • Physical Assets Register
    • Data Asset Register
    • Statement of Applicability
    • Competency Matrix
    • Information Classification Summary
    • Information Security Management System Document Tracker
    • ISMS RASCI Table
    • Management Review Team Meeting Agenda – Template
    • Audit Plan
    • Communication Plan
    • Incident and Corrective Action Log
    • Risk Management Procedure
    • Risk Register without Residual Risk
    • Risk Register with Residual Risk
    • Third Party Supplier Register
    • Training and Awareness – The Governance Framework
    • Training and Awareness – Introduction to Information Security
    • The Information Security Management System document
    • Information Security Roles Assigned and Responsibilities
    • Easy to follow step by step guide – How to Conduct an Internal Audit
    • The ISO 27001 ISMS 114 Controls – audit work sheet
    • The ISO 27002:2013 Annex A  – audit work sheet
    • The ISO 27002:2022 Annex A  – audit work sheet
    • Management Audit Report
    • Audit Meeting Template
    • Audit 12 Month Planner 
    • Data protection Policy
    • Data Retention Policy 
    • Information Security Policy 
    • Access Control Policy 
    • Asset Management Policy 
    • Risk Management Policy 
    • Information Classification and Handling Policy 
    • Information Security Awareness and Training Policy 
    • Acceptable Use Policy 
    • Clear Desk and Clear Screen Policy 
    • Mobile and Teleworking Policy 
    • Business Continuity Policy 
    • Backup Policy 
    • Malware and Antivirus Policy 
    • Change Management Policy 
    • Third Party Supplier Security Policy 
    • Continual Improvement Policy
    • Logging and Monitoring Policy 
    • Network Security Management Policy
    • Information Transfer Policy 
    • Secure Development Policy 
    • Physical and Environmental Security Policy 
    • Cryptographic Key Management Policy 
    • Cryptographic Control and Encryption Policy 
    • Document and Record Policy
    • Significant Incident Policy and Collection of Evidence and
    • Patch Management Policy
    • Business Continuity Policy
    • Business Impact Assessment
    • Business Impact Analysis Executive Summary
    • Business Continuity Objectives and Strategy
    • Business Continuity Plan
    • Business Continuity Incident Action Log
    • Post Incident Review Form
    • Business Continuity Disaster Scenarios
    • Ref Example – High Table Business Continuity Plan – our business continuity plan as example
    • Ref Example – Disaster Recovery Exercise 2021 – our business continuity test as example

     

    Unsure? Undecided? Want to talk and see if it is the right fit?

    Claim your 100% FREE no-obligation 30 minute strategy session call (£1,000 value).

    We will answer your burning questions and show you how you can achieve ISO 27001 certification for clients up to 10x faster with upto £10,000 profit MORE per engagement.

    Meet the team behind the ISO 27001 templates

    Practitioners for over 20 years in Governance, Risk and Compliance. These are the ISO 27001 tools we use day in day out.

    High Table ISO 27001 Templates Toolkit Consultant Edition

    ISO 27001 Requirement Met


    Mapping the standard to the templates.

    CLAUSE CONTROL TEMPLATES
    ISO 27001 Clause 4.1 Understanding the organisation and its context Context of Organisation
    ISO 27001 Clause 4.2 Understanding the needs and expectations of interested parties Context of Organisation
    ISO 27001 Clause 4.3 Determining the scope of the information security management system Documented ISMS Scope
    ISO 27001 Clause 4.4 Information security management system The Information Security Management System
    ISO 27001 Clause 5.1 Leadership and commitment Organisation Overview describes the business and its objectives and mission and values.

    The Information Security Management System sets out the information security objectives. These are managed and reviewed at the Management Review Team meeting which is documented in Information Security Roles Assigned and Responsibilities.

    Information security policies are in place in line with the standard.

    Information Security Policy sets out the objectives and the senior leadership commitment statement.

    Information Security Roles Assigned and Responsibilities sets out the roles and responsibilities with allocated resource.

    ISMS Annex A Controls – Accountability Matrix assigns responsibility for each ISO 27002 / Annex A Control

    Information Security Awareness and Training Policy sets out training and awareness

    Communication Plan sets out the communications for the year across media and approaches

    The Management Review Team meeting agenda covers the requirements of the standard.

    A program of internal audit is conducted and document: Audit Plan sets out the audit plan for the year.

    Continual Improvement Policy sets out the continual improvement approach.

    Incident and Corrective Action Log captures and manages the corrective actions.

    Competency Matrix captures the core competencies and training requirements of staff in relation to information security.

    ISO 27001 Clause 5.2 Policy Information Security Policy is the main information security policy and is part of a framework of policies. It includes the Information Security Objectives. It includes the requirements to meet legal and regulatory obligations. It includes a commitment to continual improvement.

    Legal and Contractual Requirements Register sets out the legal, regulatory and contractual obligations

    Continual Improvement Policy sets out the continual improvement policy.

    The information security management system and associated documents are available electronically to the organisation based on the persons role and business need.

    Communication Plan sets out the communications for the year across media and approaches

    Documents are available to interested parties based on Non Disclosure Agreements and Contracts being place.

    Policies provided:

    Data protection Policy
    Data Retention Policy 
    Information Security Policy 
    Access Control Policy 
    Asset Management Policy 
    Risk Management Policy 
    Information Classification and Handling Policy 
    Information Security Awareness and Training Policy 
    Acceptable Use Policy 
    Clear Desk and Clear Screen Policy 
    Mobile and Teleworking Policy 
    Business Continuity Policy 
    Backup Policy 
    Malware and Antivirus Policy 
    Change Management Policy 
    Third Party Supplier Security Policy 
    Continual Improvement Policy
    Logging and Monitoring Policy 
    Network Security Management Policy
    Information Transfer Policy 
    Secure Development Policy 
    Physical and Environmental Security Policy 
    Cryptographic Key Management Policy 
    Cryptographic Control and Encryption Policy 
    Document and Record Policy
    Significant Incident Policy and Collection of Evidence Policy
    Patch Management Policy

    ISO 27001 Clause 5.3 Organisational roles, responsibilities and authorities Information Security Roles Assigned and Responsibilities sets out the roles and responsibilities with allocated resource.

    The Management Review Team meeting agenda covers the requirements of the standard.

    Competency Matrix captures the core competencies and training requirements of staff in relation to information security.

    Management Review Team is documented in the document: Information Security Roles Assigned and Responsibilities and has responsibility for overseeing the Information Security Management System. This group reports to the board and has board representation and certain board designated authority for decision making. The Management Review Team meeting at least quarterly and follow the agenda as defined in the standard.

    ISO 27001 Clause 6.1.1 Planning General Risk Management Policy and Risk Management Procedure describe the risk management process.

    Risk Register captures, manages and reports risks. These are reported to and overseen by the Management Review Team meeting.

    Risk Management is part of the Continual Improvement Policy and process

    Continual improvement is managed, tracked and reported using Incident and Corrective Action Log

    ISO 27001 Clause 6.1.2 Information security risk assessment There is a risk management process in place and documented.

    Risk Management Policy and Risk Management Procedure describe the risk management process.

    Risk Register captures, manages and reports risks.

    ISO 27001 Clause 6.1.3 Information security risk treatment There is a risk management process in place and documented.

    Risk Management Policy and Risk Management Procedure describe the risk management process.

    Risk Register captures, manages and reports risks.

    All controls required are assessed and document in the Statement of Applicability

    Statement of Applicability describes the applicability of controls and why they are / are not applicable.

    A Risk Treatment Plan guidance is documented in the Risk Register

    Residual risk acceptance is recorded in the risk register and via Management Review Team meeting and standing agenda with minutes.

    Risk Owners and Treatment Owners are identified in the Risk Register

    ISO 27001 Clause 6.2.1 Information security objectives and planning to achieve them The Information Security Management System describes the information security objectives and the process and roles and responsibilities.

    The Information Security Policy sets out the information security objectives in policy form.

    Communication Plan sets out the communications for the year across media and approaches

    Documents are updated as part of the Continual Improvement Policy and process and evidence as signed of by the Management Review Team

    ISO 27001 Clause 7.1 Resources Information Security Roles Assigned and Responsibilities sets out the roles and responsibilities with allocated resource.

    ISMS Annex A Controls – Accountability Matrix assigns responsibility for each ISO 27002 / Annex A Control

    ISO 27001 Clause 7.2 Competence Competency Matrix captures the core competencies and training requirements of staff in relation to information security.

    Information Security Roles Assigned and Responsibilities sets out the roles and responsibilities with allocated resource.

    ISMS Annex A Controls – Accountability Matrix assigns responsibility for each ISO 27002 / Annex A Control

    ISO 27001 Clause 7.3 Awareness Competency Matrix captures the core competencies and training requirements of staff in relation to information security.

    Communication Plan sets out the communications for the year across media and approaches

    Information Security Awareness and Training Policy sets out the training and awareness requirements

    All policies include a statement on non conformance.

    Grievance and disciplinary policy and processes are needed to be in place.

    Employment contracts and third party contracts need to include coverage of information security requirements.

    ISO 27001 Clause 7.4 Communication Communication Plan sets out the communications for the year across media and approaches. It lays out what, when, who and how and records evidence.
    ISO 27001 Clause 7.5.1 Documented information General The information security system is in place and evidenced and is high level described in document: The Information Security Management System. Documents as described per each control.
    ISO 27001 Clause 7.5.2 Creating and updating Document and Record Policy

    Documents appropriate to the organisation and evidenced as having the mark up included

    Documents are reviewed and signed of by the Management Review Team and evidenced as such.

    Documents are updated in line with Continual Improvement Policy and the continual improvement process

    ISO 27001 Clause 7.5.3 Control of documented information Documents stored and accessible appropriate to the organisation.

    Version control and document history in place.

    Documents retained and disposed in line with the Data Retention Policy.

    ISO 27001 Clause 8.1 Operational planning and control The information security management system and associated processes are evidenced as being in place.

    Documents and version control are in place. Audit Plan kept for a minimum of 1 year in line with the Data Retention Policy

    Change Management Policy 

    Third Party Supplier Security Policy 

    Third Party Supplier Register is in place with periodic reviews needed based on criticality, risk and business need.
    Current in date contracts are needed to be in place for all key suppliers.

    ISO 27001 Clause 8.2 Information security risk assessment There is a risk management process in place and documented.

    Risk Management Policy 

    Risk Register

    All controls required are assessed and document in the Statement of Applicability

    Risk assessment is performed at points of significant change on introduction of new technology and at least annually.

    Risk Meeting Minutes in place.

    ISO 27001 Clause 8.3 Information security risk treatment There is a risk management process in place and documented.

    Risk Management Policy 

    Risk Register

    All controls required are assessed and document in the Statement of Applicability

    Risk assessment is performed at points of significant change on introduction of new technology and at least annually.

    Risk Meeting Minutes in place.

    Risk assessment is needed to be performed at points of significant change on introduction of new technology and at least annually.

    ISO 27001 Clause 9.1 Monitoring, measurement, analysis and evaluation The Information Security Management System sets out the objectives.

    These are managed and reviewed at the Management Review Team meeting which is documented in the document: Information Security Roles Assigned and Responsibilities.

    The agenda template covers the requirements of the standard and is seen to be in operation in the meeting minutes.

    A program of internal audit is conducted and document: Audit Plan sets out the audit plan for the year.

    Continual Improvement Policy sets out the continual improvement policy.

    Incident and Corrective Action Log captures and manages the corrective actions.

    ISO 27001 Clause 9.2 Internal audit The ISO 27001 Audit Toolkit provides everything that is needed.

    Easy to follow step by step guide – How to Conduct an Internal Audit
    The ISO 27001 ISMS 114 Controls – audit work sheet
    The ISO 27002:2013 Annex A  – audit work sheet
    The ISO 27002:2022 Annex A  – audit work sheet
    Management Audit Report
    Audit Meeting Template
    Audit 12 Month Planner

    ISO 27001 Clause 9.3 Management review The Management Review Team which is documented in the document: Information Security Roles Assigned and Responsibilities meets at least quarterly.

    Document: Management Review Team Meeting Agenda, the agenda template covers the requirements of the standard

    ISO 27001 Clause 10.1 Nonconformity and corrective action A non conformity occurs as a result of audit, incident or observation.

    A program of internal audit is conducted and document: Audit Plan sets out the audit plan for the year.

    Continual Improvement Policy sets out the continual improvement policy.

    Incident and Corrective Action Log captures and manages the corrective actions.

    Management Review Team oversees non conformity and corrective action as part of standing agenda

    ISO 27001 Clause 10.2 Continual improvement Continual Improvement Policy sets out the continual improvement policy. A process of continual improvement is in place.

    ISO 27001

     

    Meets the requirements of ISO 27001 and the complete information security management system.

    Compatible with ISO 27002:2022

    Compatible with ISO 27002:2013

    Includes Mandatory Documents and Mandatory Policies

    Quick Look


    ISO 27001 Templates Toolkit Consultant Edition Icons

    Stuart Barker - ISO 27001 Templates Toolkit Consultant Edition

    We’d Be Sceptical Too

    As a consultant we know you are good at what you do. We also know that creating templates to work on clients is time consuming and often confusing.

    We have been doing this for over 20+ years. All of our templates have been through hundreds of audits. They have been worked on buy some of the best minds in the industry.

    Are they perfect? Nearly.

    They are the tools of our trade. They are downloaded by professionals just like you, every day, across the globe.

    You could spend your time working billable time, or you could spend your time doing it your own way.

    Why not let us give you that boost.

    Can I use The ISO 27001 Toolkit for more than 1 business? For my clients?

    Answer: Yes. The ISO 27001 Templates Toolkit: Consultant Edition 2022 includes unlimited business license.

    What format is ISO 27001 Templates Toolkit: Consultant Edition 2022 in?

    Answer: The templates are in Microsoft Office format, Microsoft Word and Microsoft Excel

    Do you provide training on the ISO 27001 Templates Toolkit: Consultant Edition 2022 ?

    Answer: Yes. We can offer you up to 1 hour of free time to show you how to use it and how it hangs together. Extra training is available based on what you need for a small fee.

    Who are you and how do I know the ISO 27001 Templates Toolkit: Consultant Edition 2022 is any good?

    Answer: The author is Stuart Barker who has been in governance risk and compliance for over 20 years. He has worked for some of the worlds largest organisations, and some of the smallest. He built and sold a cyber security consultancy and actively consults on ISO 27001 today. You can check out / stalk or connect with Stuart here https://www.linkedin.com/in/stuartabarker/

    Is there a portal version of the ISO 27001 Templates Toolkit: Consultant Edition 2022?

    Answer: No, we do not support portals. There are too many downsides to portals from ongoing costs, training, ambiguity on where the data is and how secure it is … the list is endless. The disadvantages far out way any benefits for what is a glorified document storage solution akin to One Drive or Dropbox. For small business and professionals we do not see any benefit in portals. We are not in the market of reselling services people do not need.

    Customer reviews

    Rated 5 out of 5 stars
    5 reviews
    4 stars 0
    3 stars 0
    2 stars 0
    1 star 0

    5 reviews for ISO 27001 Templates Toolkit: Consultant Edition 2022

    Add a review

    This site uses Akismet to reduce spam. Learn how your comment data is processed.

    Secure Payments

    Powered by Stripe - black
    Apple Pay at High Table
    Visa at High Table
    Mastercard at High Table
    American Express at High Table

    As Seen On

    As see on at High Table
    Shopping Cart
    ISO 27001 Templates Toolkit Consultant Edition ISO 27001 Templates Toolkit: Consultant Edition 2022
    $1,295.00