ISO 27001 Virtual Coach
An online complementary service delivering expert yet practical guidance where and when you need it most
Implementing ISO 27001 and need a little extra help?
Implementing a successful (and sustainable) information security management system can be challenging, especially if you or members of the implementation team are not experienced on the topic of ISO 27001. An extra bit of coaching and insight to join the dots on an ISO 27001 implementation, building confidence and capability, can make all the difference between success and failure, fast and slow results.
We’d suggest you reconsider the effort and expense of an ISO 27001 lead implementer course. There is an alternative approach that will increase your confidence and capability to achieve your ISO 27001:2013/17 certification goals faster, and at a fraction of the cost of alternatives. We call it the Virtual Coach.
Virtual Coach has been put together to help you work at the pace you want to progress your ISO 27001 implementation. It is always available online, 24/7, directly inside ISMS.online. Right there when and where you need it during your delivery activity, whether working alone or in a team. Virtual Coach also acts as competence-building material that independent auditors like to see from the key players involved in the ISMS implementation. It is all available from the comfort of your laptop or mobile device with no need to travel anywhere for ISO 27001 lead implementer training courses.
What is included in the Virtual Coach?
ISMS.online already has pre-configured workspaces and technology to make ISO 27001 implementation and ongoing management much easier. In addition, it has the actionable policies and controls documentation that is included as standard too. The Virtual Coach complements that and has 2 parts to it:
“Wow, Virtual Coach just brings alive how to do an ISO 27001 implementation. As someone new to the standard it makes so much more sense and all the bits of the jigsaw fit together easily now.”
“I attended an ISO 27001 Lead Implementer course before we got ISMS.online but have learnt more here. We’ve also made more practical progress very quickly, so if I were doing it again would just go with the Virtual Coach and ISMS.online.”
Virtual Coach Part 1
How to prepare for a successful ISO 27001 implementation and achieve the outcome with assured results
This part of the Virtual Coach includes what you would expect to see in a lead implementer course, and more. Unlike traditional lead implementer courses, this material is also easy to digest, available just when you need it and joined up with the ISMS software tools you’ll use for the implementation. This part of the Virtual Coach covers topics such as:
- ISO 27001 and ISO 27002 official standards, licensing and related aspects
- Understanding ISO 27001:2013/17
- The purpose of an information security management system (ISMS)
- Leadership and management in the achievement of ISO 27001
- Design principles to ensure you take a business-led approach to ISO 27001 implementation
- The journey and time to achieve ISO 27001 success
- The difference between compliance and certification for ISO 27001
- Planning for independent Stage 1 and 2 audits for ISO 27001 and finding the most appropriate auditor for your organisation
- Fundamentals of information security and protecting information
- GDPR and its relationship to ISO 27001
- Implementing ISO 27001 and the team involved
- Roles and responsibilities
- Good habits and collaborating for success
- Staff communications, awareness and engagement
- Before getting started with the ISO 27001 implementation
- An exercise around assets, risks and controls
- Where to start with the ISO 27001 implementation
- Quick wins and gaining momentum
- Tips on things to do early on and avoid common pitfalls
- Technology and systems for ISMS success including ISMS.online use
In addition to the learning content above this part of the Virtual Coach will also give you and your colleagues the confidence to practically begin your implementation and follow the most optimal route to success using ARM, our Assured Results Method. ARM offers focused and fast implementation success. It means your project plan for ISO 27001 achievement is broken down into practical ‘business-led’ steps too, right inside ISMS.online. You do just what you need to do in the right order from the minute you get started. You avoid distractions or costly changes to your business that could also delay your ISO 27001 certification success.
The high-level approach for ARM is shown below. It is built into ISMS.online with detailed step by step guidance.
- Describing the current organisational security environment
- Laying the foundations for ISO 27001 requirements and tricky topics made easy by ISMS.online such as the Statement of Applicability (SOA)
- Describing current practices in line with ISO 27001 Annex A
- Adopting and adapting approaches to remaining requirements
- Going live with the IMS
- Launching and living the ISMS in operational mode
- Planning information security improvements
- Reviewing and prioritising identified improvements
- ISO 27001 Stage 1 Audit
- Certification Body auditors and completing the audit
- ISO 27001 Stage 2 Audit
- Going through the audit
- Planning into the future for ongoing ISO 27001 success
We’ll continue to guide you on how to progress through your implementation and focus on what to do as you go through your ISO 27001 Stage 1 and Stage 2 certification audits, and beyond into the future for ongoing success.
Virtual Coach Part 2
How to address each of the ISO 27001 core requirements from 4.1 – 10.1 and develop the Annex A controls from A.5 through to A.18.
This part of the Virtual Coach is neatly integrated into the time-saving features, tools, actionable policies and controls and other content at the heart of your ISO 27001 Policies and Controls workspace. You get practical guidance on how to meet each of the ISO 27001 core requirements and Annex A controls right inside where you’ll describe and demonstrate it working in practice.
In this video extract from the Virtual Coach series, you learn about identifying internal and external issues in line with ISO 27001 clause 4.1. Templates are also included in the activity areas to easily adopt, adapt and add to as necessary. This also means you concentrate on what you are trying to achieve rather than wasting time on how to do it.
What else do you get?
Alongside the easy to digest videos in the Virtual Coach, we also give you checklists, examples and guides that make the whole process of ISO 27001 implementation so much simpler. This additional knowledge and learning relate directly to the area you are working on at the time. It specifically helps you apply the ISO 27001 requirements and controls to your own organisation so you run it the way you want to, doing business securely.
What happens with Virtual Coach after the first ISO 27001 certification?
All of the content you get in the Virtual Coach is tried and tested and is designed to help you achieve ISO 27001 faster and more effectively than you would when working alone. But success is not a one-time thing: you also need to manage and improve your information security management system over time in order to maintain and retain ISO 27001 certification.
As such the Virtual Coach simply stays on all the time, reminding you of the tips, guides, videos and checklists as you review your ISO 27001 requirements and controls regularly in line with the ISO management standard. It is also great for onboarding new ISMS management team members who were not involved in the first ISO 27001 implementation work. Auditors love to see the consistent competence of the ISMS team members and we have made that easy too.
How much does Virtual Coach cost?
Virtual Coach is a one-off fee subscription, available as an optional extra for ISMS.online customers. Pricing, as with ISMS.online itself, is dependent on organisation size and scope, with discounts available to smaller and vulnerable organisations who need ISO 27001 but may find it harder to achieve.
Virtual Coach is always on for the time you take ISMS.online, and available for the team you want to involve in your implementation (which can also include external consultants). There are no extra charges thereafter and no additional costs if your team changes over time. Everyone accessing the Virtual Coach simply needs to be a user on ISMS.online. It is added to the initial ISMS.online subscription and follows the standard ISMS.online terms and conditions.
What happens if I need even more help during my ISO 27001 implementation?
In addition to Virtual Coach and our easy to use, comprehensive ISMS.online service, we’ve developed 3 complementary ways in which you can also get even more help:
- In-platform messaging to our customer success team. Available during normal working hours, you can chat online with one of the support staff who use ISMS.online daily and have been involved in helping many customers achieve their ISMS success.
- Virtual Coach ‘Plus’ – we can tailor add-on virtual and physical support services to specifically help address thorny issues affecting your organisation, and help address small capacity or expertise gaps on the way.
- ISMS.online partner engagements – where you have bigger capacity or skill gaps, or a need for a much more intimate and intense delivery focus, we have a portfolio of partners internationally who can probably help meet your needs.
“Great way to see the power of the platform. Watching the videos in the ISO 27001 Preparation Project provides useful information. Marking the Virtual Coach activities as complete shows a progress bar which really instils the confidence needed to complete the policies and controls and just go for it! The Virtual Coach is well structured and easy to follow.”
Vin Jauhal, Managing Director at WEM Technology