LIVE VIRTUAL TRAININGS
Learn in small groups from top experts and real-life examples

Expert Advice Community

Guest

ISO 27001 Consultant effort

  Quote
Guest
Guest user Created:   Feb 04, 2017 Last commented:   Feb 04, 2017

ISO 27001 Consultant effort

Considering an ISO 27001 implementation project for a business works out to be 5 months:
0 0

Assign topic to the user

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

Expert
Rhand Leal Feb 04, 2017

1 -Would you be expected to be on site for the full 5 months? I would think this is very restrictive with regards to taking on more clients

Answer: It will depend upon your role in the implementation. Will you be responsible for elaborating and implementing policies and procedures, or will you provide support and orientation to your client team?

If your situation is the first one, you will probably have to be on site once or twice a week throughout the 5-month period.

If your role falls in the second scenario you probably will have to be on site only a few times to verify on-site implementations and orient the implementation team. But be aware that at the beginning of the project you will spent a lot of time on site to get things running.

2 - If you don’t have to be on site for the full 5 months, on average, how many days would you be expected to be on site? Of course, I understand that this would be dependent on scope and possibly work req uired as part of the risk treatment plan , but I am hoping you could give guidance from experience.

Answer: Since the project duration is only 5 months, I would recommend you to be on site from 2 or 3 days every 15 days. During this time you can verify the implemented controls, suggest and plan adjustment, prepare the team for the next phase, and most important of all, talk personally with management to report the project progress and get their feelings about the project.

3 - If you do not have to be on site for the full 5 months, do you/have you taken on more than one implementation at once? If so, how do you manage your time? (do you use a tool (e.g. MS Project), an assistant, or possibly a simple timetable)

Answer: The quantity of projects you can manage at same time will depend upon your need to be on site and the distance between sites. As a personal rule, I try to keep from 2 to 4 simultaneous projects where there is a need to be on site, so that in perfect conditions I can dedicate at least one day a week for each of them. If you work remotely this quantity may be greater. And regarding remote work, I suggest you take a look at our online ISO Tool, Conformio https://advisera.com/conformio/ , which can help you manage your projects.

These articles will provide you further explanation about consultant effort:
- 3 phases of delivering an ISO 27001/ISO 22301 consulting job https://advisera.com/27001academy/blog/2015/09/28/3-phases-of-delivering-an-iso-27001iso-22301-consulting-job/
- How to become an ISO 27001 / ISO 22301 consultant https://advisera.com/27001academy/blog/2014/07/21/how-to-become-an-iso-27001-iso-22301-consultant/

Additionally, I suggest you take a look at our Consultant toolkit https://advisera.com/27001academy/consultants/ . As part of the templates you can use to manage your consultation projects and stakeholder you are eligible to get continuous support from us throughout your implementation consultancies.

These materials will also help you regarding consultant effort:
- Book Secure & Simple: A Small-Business Guide to Implementing ISO 27001 On Your Own https://advisera.com/books/secure-and-simple-a-small-business-guide-to-implementing-iso-27001-on-your-own/
- Free online training ISO 27001 Foundations Course https://training.advisera.com/course/iso-27001-foundations-course/
Quote
0 0

Comment as guest or Sign in

HTML tags are not allowed

Feb 04, 2017

Feb 04, 2017

Suggested Topics

Guest user Created:   Apr 16, 2021 ISO 27001 & 22301
Replies: 1
0 0

ISO 27001 implementation

User guest Created:   Jul 14, 2020 ISO 27001 & 22301
Replies: 2
0 0

ISO 27001 queries

Guest user Created:   Apr 28, 2020 ISO 27001 & 22301
Replies: 1
0 0

Pricing a consultancy