top of page

ISO27001 Guidance

WeShape required ISO27001 accreditation as part of their development and were looking for a partner to provide the required guidance and clarity. The organisation chose to partner with P3M works as a result of previous good works and fair costing.


The Challenge

WeShape were lacking the technical expertise to audit themselves and deliver ISO27001 internally and required external resource to assist them with this. The P3M works team remained accessible thought the process to answer questions and provide expertise when required by the WeShape team. Once WeShape had completed these actions. P3M works conducted a final audit to assess the results. Delivered a final lessons learned and provided advice before WeShape undertook the final iso accreditation one week later. The assessment was passed first time which was as a direct result of P3M Works’ ability the convey information. P3M Works also designed an Information Security Management System for WeShape with the focus on ease of use and compliance.

Our Approach

P3M Works conducted an initial audit using ISO27001 audit pack tools and techniques. The audit was used to inform and teach the WeShape Ops team about ISO27001 and its relevant elements, enabling them to remain current and competent. P3M Works provided advice on the selection of a phishing and cyber alerting tool, constructed cyber policies including risk management policies such as BYOD, and set cyber security objectives. WeShape was then provided with instructions and measurable outcomes that they needed to achieve to pass ISO27001.

The Outcome

WeShape went on the pass their ISO27001 accreditation.

bottom of page