There are many things to consider when hiring a consulting firm to help you implement ISO 27001. Please see the checklist below before you hire an ISO 27001 consulting firm to make sure you’ve performed your due diligence. Choosing the wrong consulting company can cost an organization time, money and failure to certify.
Check List | Competitors | SecuraStar |
| Services | • Limited ISO 27001 Services • Not Specialized in ISO 27001 | Specialized ISO 27001 Consulting Firm: • ISO 27001 Lead Implementer Training • ISO 27001 Consulting • ISO 27001 Gap Assessment • ISO 27001 Risk Assessment • ISO 27001 Internal Audit • ISO 27001 Business Continuity • ISO 27001 Managed Services |
| Products | • No implementation system (toolkit) • No software • Create unproved system at your expense | • ISO 27001 Toolkit (Implementation System) • ISO 27001 Software |
| Experience | • No ISO 27001 certified clients • Not approved consultant of certification bodies • No experience / No references | • Many ISO 27001 certified clients worldwide • Approved consultant of multiple certification bodies • Very experienced / Unlimited references |
| Price | • Never ending costs | • Fixed Price Consulting! |
| Success Rate | • Unknown? | • 100% Success Rate! |
| Guarantee | • No guarantee of products or services | • 100% Guarantee on products and services! |
| Consultants | • Independent Contractor (no personnel backup) • Inexperienced in ISO 27001 • Took a 1 week lead auditor training course • Took a 1 week lead implementer training course • Never certified anyone • Unqualified to teach or audit ISO 27001 | • Large team of experienced consultants • Highly experienced in ISO 27001 • Teach 1 week lead auditor training course • Teach 1 week lead implementer training course • Certified ISO 27001 Instructors • Certified ISO 27001 Certification Auditors |
| Auditors | • Unqualified to teach, audit or certify ISO 27001 for certification bodies (registrars) | • RABQSA / IRCA certified auditors • Certified ISO 27001 Certification Auditors • Perform ISO 27001 certification audits for multiple certification bodies (registrars) |
| Insurance | • No Professional Liability for ISO 27001 Services • No Product Liability for ISO 27001 Products | • Specific Professional Liability for ISO 27001 • Specific Product Liability for ISO 27001 |
| Locations | • Local only • Limited locations | • Worldwide • Multiple locations in the USA |
