Convince the managers

I am trying to convince at Managers about the implementation of ISO 27001, but is still not clear for them , they are focused in others subjetcs.

Looking about process for business core I found that we are ISO 28000 certified, so I was thinking that could be a good chance try to takle advantage for it and promote ISO 27001 implementation, maybe not all the items at first year but at least a Phase 1.

Could you help me sharing some information or expertice to get that goal?

Answer:
You need to show to the top management the benefits about the implementation of ISO 27001. Generally these benefits can be resumed in 4 points : Compliance, marketing edge, lowering expenses and putting your business in order. For more information about this, please read this article “Four key benefits of ISO 27001 implementation” : https://advisera.com/27001academy/knowledgebase/four-key-benefits-of-iso-27001-implementation/, and also see this free webinar “ISO 27001 benefits: How to obtain management support” : https://advisera.com/27001academy/webinar/iso-27001-benefits-how-to-get-management-buy-in-free-webinar-on-demand/

Furthermore, in your case, taking advantage of that your organization has implemented ISO 28000 and it is based on the methodology known as PDCA (Plan, Do, Check, Act), the implementation of ISO 27001 can be more easy because also has the PDCA (it is common point to all management systems). So, the implementation of ISO 27001 in your organization can be very easy.

For the implementation, maybe this article can be interesting for you “ISO 27001 implementation checklist” : https://advisera.com/27001academy/knowledgebase/iso-27001-implementation-checklist/

Finally, maybe our online course about ISO 27001 can be also interesting for you "ISO 27001:2013 Foundations Course" : https://advisera.com/training/iso-27001-foundations-course/