AGIDAT – Data Protection | Information Security

ISO/IEC 27001

ISMS implementation and certification preparation — structured and practical.

What is ISO/IEC 27001?

ISO/IEC 27001 is the internationally recognized standard for Information Security Management Systems (ISMS). Certification demonstrates to customers, partners, and regulators that your organization manages information security systematically and to a high standard. It is increasingly required by enterprise clients and in regulated industries.

The path to ISO 27001 certification

  1. Gap analysis — current state vs. ISO 27001 requirements
  2. Scope definition — which parts of the organization are in scope?
  3. Risk assessment — identifying and assessing information security risks
  4. Risk treatment — selecting and implementing controls from Annex A
  5. ISMS documentation — policies, procedures, risk treatment plan, Statement of Applicability
  6. Internal audit — pre-certification review
  7. Management review — leadership sign-off
  8. Certification audit — Stage 1 (documentation) and Stage 2 (implementation)

Our role

AGIDAT supports you through every phase of the ISO 27001 journey — from initial gap analysis through implementation to the certification audit. We work with you and your team, transfer knowledge, and ensure that your ISMS is not just audit-ready but genuinely useful for your organization.