Comprehensive services delivered by experts
Qualified experts
Our services are delivered by certified and experienced ISO lead auditors.
Complete review
We help you assess all relevant ISO 27001 clauses and Annex A controls.
Comprehensive report
Get a detailed report with actionable advice to improve your compliance.
Flexible delivery
We’ll work around your schedule to minimise disruption to your business.
Get a clear view of your ISO compliance
Our consultants are highly experienced ISO 27001 certified auditors and qualified to conduct a gap analysis in line with what your external certification body auditor will be looking for.
Our gap analysis service reviews existing policies, procedures, and technical controls to establish your readiness for ISO 27001 certification.
During the gap analysis, we will help you identify non-conformities and opportunities for improvement. We’ll also give you advice on any follow-up activities that may be required.
Benefits of getting an ISO 27001 gap analysis
Our ISO 27001 gap analysis service provides a detailed review of your current information security posture against the requirements of the standard.
Carried out by a certified lead auditor, this service will give you an informed assessment of:
- Your compliance gaps
- The proposed scope of your ISMS (Information Security Management System)
- Your internal resource requirements
- The potential timeline to achieve certification readiness
- Knowledge and information about the standard and how to achieve certification
Get a comprehensive Gap Analysis against the new ISO 27002:2022 controls.
Start today
Why choose Bulletproof?
Our ISO consultancy team is made up of highly experienced ISO 27001 certified auditors. We help businesses of all sizes audit, implement, and maintain their compliance standards, providing guidance on all aspects of the ISO standard.
We understand that every organisation has different priorities and requirements, which can make an audit process daunting. Our consultants work with you to ensure that your ISO gap analysis is not only comprehensive with clear report findings, but also causes minimal disruption to your business.
Here’s what our customers say about us
ISO 27001 compliance has helped us improve our security investment and build credibility with our global client base, as well as enabled us to successfully win UK Government procurement contracts. Bulletproof made the whole process easy and effortless from start to finish, strengthening our information security and improving our position in the industry.
We work extensively with Bulletproof both with Cyber Essentials and ISO 27001. I always find the team both helpful and knowledgeable.
Start your ISO 27001 gap analysis journey today
If you are interested in our services, get a free, no obligation quote today by filling out the form below.
ISO 27001 gap analysis FAQs
What is an ISO 27001 gap assessment?
Our gap analysis reviews existing policies, procedures, and technical controls to establish your readiness for ISO 27001 certification. The output of our analysis is a detailed report which will tell you areas of non-compliance and provide remediation recommendations.
What should we expect from an ISO 27001 gap analysis?
- A Bulletproof consultant will interview key stakeholders in your organisation and answer any questions about the requirements of the standard you may have.
- Bulletproof consultants use the information gathered in the gap analysis assessment to produce a detailed report broken down by the clauses and Annex A controls so that you can easily see areas that need to be addressed prior to certification.
- After you have had time to review the report, we will arrange a follow up call to answer any questions and discuss next steps with you.
Do we need an ISO 27001 gap analysis?
If you are planning to achieve ISO 27001 certification, then a gap analysis is an excellent first step towards becoming certified. It will help you to identify what you need to do and how much resource you will need to achieve it. If you have already had a gap analysis or are part of the way through, we can review your progress to make sure you are ready for the next stage.
What information should we provide?
During the kick-off meeting, the consultant will advise you on what information they require from you, which may well include copies of existing policies, procedures and company processes.
Who will need to be involved in the gap analysis interviews?
The consultant will need to speak to a variety of different people in the organisation, including at the minimum staff from senior management, IT, and the HR departments. Prior to conducting the interview, the consultant will arrange a kick-off meeting where they will get an in depth understanding of your business and from this will advise you as to who else they need to speak to.
How long does a gap analysis take?
Typically, a gap analysis takes somewhere in the region of four days. However, time spent will depend on the size and complexity of your organisation.
Rest assured; all our work is fixed price. Once the scope of work is defined & agreed upon, we deliver regardless of the time it takes.
Additionally, we strive to make this a hassle-free process by being flexible with the interview slots to help you schedule in a time that suits you.
What happens after the gap analysis report?
We will follow up after the gap analysis to answer any queries and discuss next steps, including supporting your implementation, and other services we offer which can help you to achieve compliance.
Gap analysis resources
Trusted cyber security & compliance services from a certified provider
