Guest user Created: Apr 14, 2018 Last commented: Apr 14, 2018

Implementation duration

We have around 250 employees, and I'm starting to gather people for the project of the ISO 27001/22301/27018 implementation. Can you please advise me, based on your experience, how long the process could last, and how many people we should include in this project?

0 0

Assign topic to the user

Select user

Expert

Rhand Leal Apr 14, 2018

Answer: The time to implement ISO 27001 will depend on many variables, like the size of the organization, the complexity of the scope, the resources available, etc., but in general, for small and medium-sized organizations the implementation duration, can vary from 10 to 12 months.

To have an estimate based on your organization context, I suggest you to take a look at our free ISO 27001/ISO 22301 Implementation Duration Calculator at this link: https://advisera.com/27001academy/free-tools/free-calculator-duration-of-iso-27001-iso-22301-implementation/

Regarding how many people should be included in the project, there is no definitive number you should consider (this number also depends on the complexity of the scope), but to increase chances of success, it is important that persons involved have experience in project management and knowledge of the standard.

These articles will provide you further explanation about ISO 27001:
- ISO 27001 implementation checklist https://advisera.com/27001academy/knowledgebase/iso-27001-implementation-checklist/
- Who should be your project manager for ISO 27001/ISO 22301? https://advisera.com/27001academy/blog/2014/12/01/who-should-be-your-project-manager-for-iso-27001-iso-22301/

Quote

0 0

Comment as guest or Sign in

HTML tags are not allowed

Name *

Email *

I accept the Privacy and Terms

Notify me when someone replies

Apr 13, 2018

Expert Advice Community