Expert Advice Community

ISO 27001 implementation

Guest user Created:   Mar 12, 2018 Last commented:   Mar 12, 2018

1 - What are the requirements for implementing ISO27001? Who can implement it and what type of experience is required?

Expert
Rhand Leal Mar 12, 2018

Answer: For the implementation of ISO 27001 an organization has to fulfill the requirements established on sections 4 through 10 of the standard. Broadly speaking, an organization has to:
- Define and document a scope based on the needs and expectations of interested parties relevant to information security
- Define, document and communicate an information security policy
- Define roles and responsibilities relevant to operation and management of information security
- Define a risk assessment and treatment methodology
- Define and allocate competencies and resources for the operation and management of information security
- Implement risk assessment and risk treatment
- Operate the security controls and generate the necessary records
- Measure, monitor and evaluate the information security performance
- Implement corrections and improvements

Any person can implement ISO 27001 in their organizations. To increase chances of success, it is important that persons involved have experience in project management and knowledge of the standard.

These articles will provide you further explanation about ISO 27001:
- ISO 27001 implementation checklist https://advisera.com/27001academy/knowledgebase/iso-27001-implementation-checklist/
- Who should be your project manager for ISO 27001/ISO 22301? https://advisera.com/27001academy/blog/2014/12/01/who-should-be-your-project-manager-for-iso-27001-iso-22301/

2- How much time does it take for the implementation of ISO 27001 standard?

Answer: The time to implement ISO 27001 will depend on many variables, like the size of the organization, the complexity of the scope, the resources available, etc., but in general, for small and medium-sized organizations the implementation duration can vary from 3 to 24 months.

To have an estimate based on your organization's context, I suggest you take a look at our free ISO 27001/ISO 22301 Implementation Duration Calculator at this link: https://advisera.com/27001academy/free-tools/free-calculator-duration-of-iso-27001-iso-22301-implementation/

3- What are the costs associated with this project?

Answer: Like in the previous answer, the costs associated with an ISO 27001 implementation will vary according to the size and complexity of the scope and the controls identified as needed as a result of the risk assessment. What I can tell you are some cost issues you should consider:
- Training and literature
- External assistance
- Technologies to be updated / implemented
- Employee's effort and time
- The certification process

Regarding knowledge on costs, I suggest these articles:
- How much does ISO 27001 implementation cost? https://advisera.com/27001academy/blog/2011/02/08/how-much-does-iso-27001-implementation-cost/
- 5 ways to avoid overhead with ISO 27001 (and keep the costs down) https://advisera.com/27001academy/blog/2012/06/19/5-ways-to-avoid-overhead-with-iso-27001-and-keep-the-costs-down/

4 - Is it possible that trained personnel of my organization can implement this standard after getting training from the online courses?

Answer: Our online courses provide the knowledge necessary to understand and apply the concepts of ISO 27001, and with the expert support provided with our documentation toolkits a person can go through the implementation process.

These materials will also help you regarding ISO 27001 implementation process:
- Book Secure & Simple: A Small-Business Guide to Implementing ISO 27001 On Your Own https://advisera.com/books/secure-and-simple-a-small-business-guide-to-implementing-iso-27001-on-your-own/
- Free online training ISO 27001 Foundations Course https://advisera.com/training/iso-27001-foundations-course/
- Conformio (online tool for ISO 27001) https://advisera.com/conformio/
