ISO 27001/27002 Readiness

The ISO 27001 standard defines the framework to initiate, implement, maintain, and manage information security within an organization. The standard is based on the Envision-Plan-Develop-Implement methodology and outlines the requirements for an organization to design and execute an Information Security Management System (ISMS). As such, the focus of a pre-assessment review is on the design of the ISMS itself and its conformity to the requirements of the ISO 27001 standard.

Scoping

The scope of the pre-assessment is determined by the organization and can be an entire enterprise, a specific business unit, or a domain of focus.

Deliverables

The primary deliverables of our ISO 27001 pre-assessment reviews include:

  • Detailed project plan for the assessment
  • Comprehensive information request list allowing the organization’s personnel to gather documentation in advance of fieldwork
  • Formal report identifying high-level gaps in conformity to ISO 27001

Who Should Consider an ISO 27001 Pre-Assessment?

The following are characteristics of the ideal candidate for ISO 27001 readiness review and pre-assessment services:

  • Any organization, business unit/division, or service that is considering certification against the ISO 27001 standard
  • Any organization that is required by its customers to be aligned with the ISO 27001 or 27002 framework

Information Risk Assessment

Cautela Labs uses its information risk analysis methodology to help you analyze business information risk and select the right controls to mitigate that risk.


Professional Services

FISMA

Services to help federal agencies and their affiliates with their FISMA compliance efforts and improve their security controls in accordance with NIST SP 800-53.


Compliance