ISO 27001 certification

The implementation duration depends on many variables (e.g., size and complexity of the scope, financial resources, and expertise available, etc.), but for very small and small-sized business generally is possible to implement ISO 27001 within 3 months. I suggest you take a look at our ISO 27001/ISO 22301 Implementation Duration Calculator at this link: https://advisera.com/27001academy/free-tools/free-calculator-duration-of-iso-27001-iso-22301-implementation/

This tool can help you estimate the implementation duration considering your company scenario.

Regarding ISO 27001 implementation approaches, you have three options:

• Implementing with your own employees (in general the cheapest and longest)
• Hiring a consultant (in general the costliest and fastest)
• Implementing by yourself with external support (a balanced solution)

Each one of them has its advantages and disadvantages, related to time, resources, and knowledge. For more information, I suggest you the following materials:

• 3 strategic options to implement any ISO standard https://advisera.com/blog/2016/04/11/3-strategic-options-to-implement-any-iso-standard/
• Implementing ISO 27001 with a consultant vs. DIY approach https://info.advisera.com/27001academy/free-download/implementing-iso-27001-with-a-consultant-vs-diy-approach

Advisera is specialized in the third approach. We offer toolkits with templates and expert support, and also free material in the form of articles, papers, and webinars, to help you with your implementation project. Please see these materials for more information:

• ISO 27001 Documentation Toolkit https://advisera.com/27001academy/iso-27001-documentation-toolkit/
• How to use a Documentation Toolkit for the implementation of ISO 27001 / ISO 22301 [free webinar on demand] https://advisera.com/27001academy/webinar/how-to-use-a-documentation-toolkit-for-the-implementation-of-iso-27001-free-webinar-on-demand/