Please ensure Javascript is enabled for purposes of website accessibility

ISO 27001 Certification

Ensure that every form of information you hold is protected and secure.

As the internationally-recognised Information Security Management System Standard, ISO 27001 will help you meet contractual requirements.

Wherever you are based, Centre for Assessment can provide you with a robust, UKAS-accredited certification audit.

Request a Quote

Request a free, no-obligation quote for ISO 27001 Certification.

What is ISO 27001?
ISO 27001
What is ISO 27001?
Safeguarding information security assets and personal data makes sound business sense but is also a legal and regulatory obligation, especially for many businesses.

To gain ISO 27001 certification, your organisation will need to demonstrate that it has identified and assessed potential security risks to confidential information and data you hold. You also need to have taken steps to ensure these risks are mitigated and that security controls are fit-for-purpose within your context.

An ISO 27001 audit with Centre for Assessment, a UKAS-accredited certification body (No. 0120), is based on a 3-year certification cycle.  Contact us to find out more about how the certification process works and how we can help you achieve compliance to the Standard.

If you need to demonstrate that you are working towards the Standard, we will provide you with a Certificate of Commitment once you have accepted our proposal.

Download an application form here.

Request a Quote
Have a Question?

Speak to our team on 0161 237 4080

How can ISO 27001 benefit you?

Compliance to ISO 27001 can have an extremely positive impact on your organisation. Certification with Centre for Assessment may help you to:

  • win more business
  • develop trust and credibility
  • improve the culture of security in your organisation
  • review and improve the strength of your security measures
  • give your customers reassurance that their data is safe
  • reduce costs associated with information mismanagement
  • comply with international legal obligations and regulations, including GDPR
  • provide a competitive advantage for your company
Request a Quote
ISO 27001 FAQs
  • Is ISO 27001 certification worth it?

    Our clients tell us that ISO 27001 certification has brought a lot of value to their organisation. Not only do they feel that their sensitive or confidential information is more secure, they are also more able to access markets with a competitive advantage.

  • How many ISO 27001 controls are there?

    There are 114 controls set out in ISO 27001. You need to decide which are appropriate for your organisation, either internally, or through the help of a suitably qualified ISMS consultant.

  • Is ISO 27001 mandatory?

    ISO 27001 is often a mandatory requirement for procurers. With the increased risk of data security breaches, it is not surprising that organsiations are becoming more sensitive to the threats. ISO 27001 is possibly the fastest growing of all the ISO Management System Standards.

Is ISO 27001 right for you?

With increasingly sophisticated cyber-attacks and high-profile data leaks, no wonder the number of organisations achieving certification to ISO 27001 is growing year on year.

An ISO 27001 audit is a must not only for organisations that are technology-rich or heavily reliant on digital data storage but also important if you hold sensitive information in any other format.

Healthcare providers, educational establishments, local authorities, other public bodies, retailers and many others can use ISO 27001 to protect the information they hold. Compliance to the Standard is now a requirement to provide services to some areas of the NHS , making it extremely valuable for your organisation.

Why work with CfA?

Centre for Assessment is a respected, client-focused and ethical UKAS-accredited body with years of experience providing ISO 27001 certification to organisations like yours.

Our team of auditors undergo a rigorous recruitment and training process, ensuring that you are given an experienced professional who understands the context and concerns of your organisation.  We have a strict auditor competency framework, meaning you can be confident that the auditor assigned to your ISO 27001 project will have appropriate knowledge of your sector.

With a flexible, customer-centric approach to our audit and certification service, a member of our friendly, knowledgeable Business Development team will explain more about how we help your organisation achieve ISO 27001 certification.

How Much Does it Cost?
Centre for Assessment believes that value is extremely important but also understands that cost is a key factor for organisations considering ISO 27001 certification. We pride ourselves on the quality of our certification services but are also keen to offer highly competitive prices for your business.
A member of our Business Development team will be pleased to produce a bespoke, no-obligation ISO 27001 certification proposal for you, taking into account factors such as the number of employees and the complexity of your organisation. Centre for Assessment normally quotes for the whole of the three-year certification cycle but we do not lock clients into a recurring contract or expect any payments in advance of the audit. In fact, you only pay for each audit once it is completed.
Request a Quote
ISO 27001 Insights
ISO 27001 Support
What support can we offer you?
You may find the idea of an ISO 27001 audit daunting. Centre for Assessment is committed to supporting you to ensure your audit is painless and successful, adding value to your organisation.

As a UKAS-accredited (No. 0120), impartial certification body, we are unable to provide a consultancy service to help you develop and implement your Information Security Management System.

However, we do offer a range of training courses to help ensure your ISO 27001 audit with us is successful:

ISO 27001 Internal Auditor Training

Have a Question?

Speak to our team on 0161 237 4080

Certification and Audit Process
  • 1
    Develop and Implement your Management System

    You may choose to hire a consultant to help you design and implement your Security Management System. Centre for Assessment does not offer a consultancy service but can provide you with a list of our independent associates. You could opt to use Centre for Assessment to provide a pre-assessment service. Alternatively, you may choose to move forward without seeking external support.

  • 2

    Submit an application form online to receive a no-obligation audit proposal for your organisation. If you don't have time to complete this, give us a call and a member of our Business Development team will be happy to help you.

  • 3
    Make Arrangements

    You will be allocated a specialist, experienced auditor who will contact you to introduce themselves, discuss arrangements and book dates for your audit.

  • 4
    Audit Stage One

    The Stage One audit will involve a review of the documents relating to your Security Management System. Stage One also explores your readiness to move on to Stage Two.

  • 5
    Audit Stage Two

    The Stage Two audit looks at the effectiveness of your Security Management System, ensuring it is
    successfully implemented and fully operational.

  • 6

    Following a technical review by a decision-maker, you will be issued a certificate that is valid for three years. You can advertise the fact that you are certified to the Standard and use the ISO 27001 logo on your website.

  • 7
    Annual Audit

    At 12 and 24 months, review audits will be completed to ensure you are still compliant with ISO 27001. These will be arranged directly with your auditor.

What Our Customers Think

Myself and colleagues who worked on the project board were all impressed with how professional the entire assessment process was from our initial first meeting, through to the end.


A very capable organisation that is able to move quickly to provide auditors in timescales required by clients. The auditors are very proficient and a pleasure to be audited by.

Scorey, L

As a company we are so impressed with the overall service provided by Centre For Assessment. It is a pleasure to deal with auditors who are knowledgeable and approachable.

Gibbons, T

Information Security Management
Transfer your Certification to Centre for Assessment

If your organisation is already certified to ISO 27001, you may want to consider transferring to Centre for Assessment. Centre for Assessment has lots of experience working with transfer clients, ensuring the required audits take place to avoid a gap in your certification. We do not charge a transfer fee so moving to us can be quick, simple and free.

You may consider a transfer for many reasons. Perhaps you need a more robust audit from a UKAS-accredited certification body. You may need an improved level of service or a more affordable price. Whatever the reason, if you want to transfer to us, or do a cost comparison with your existing provider, we would be delighted to hear from you.

If you do transfer to us, we will ensure that the process is as smooth as possible. Simply contact us and a member of our Business Development team will be happy to help.


Request a Quote
ISO 27701 add-on
ISO 27701
ISO 27701 - Privacy Information Management - is an optional extension to ISO 27001 and can be added to your certification audit with Centre for Assessment.

This additional Management System Standard is relevant to organisations of any size and sector.  It provides guidance around the processing and management of Personally Identifiable Information, helping you comply with international privacy regulations.

Gaining ISO 27701 certification will help you gain trust from your customers, provide transparency for your stakeholders and ensure you are fully compliant with the requirements of GDPR.  

If you would like to integrate ISO 27701 certification into your ISO 27001 audit or want to find out more, get in touch and our Business Development team will be pleased to talk to you.


Request a Quote
Make an enquiry
proud to be part of The Growth Company