Free Quotation - ISO/IEC 27001

At Forefront, we believe that certification should be a value-added service. We are not merely offering a compliance audit, and we dedicate our expertise towards your business, so you feel that achieving certification means something and not just a badge on the wall.

We will get back to you with the best quote as soon as possible. Please complete the form below to help us prepare the best quotation for you.

Please provide as much information as possible. Fields marked with an asterisk are mandatory.

    Standard(s) Required

    ISO/IEC 27001:2022 / ISO/IEC 27001:2013 (Certification Transfers Only)

    Are there multiple sites to be certified Y/N?

    Yes / No

    If yes, how many? (An additional supplement will be sent for further information)

    Is there one ISMS which is centrally administered and audited and subject to a central management review?
    Yes / No

    Are all sites included within the internal ISMS audit programme?
    Yes / No

    Are all sites included within the ISMS management review plan?
    Yes / No

    If the company’s activities are all remote, with no premises or onsite working, please indicate so here
    Yes / No

    If there are any activities conducted that are partially remote, please state the percentage.

    Type of management system:

    Specify other standards

    The extent to which the management system is integrated (as applicable):

    An integrated documentation set, including work instructions to a good level of development, as appropriate

    An integrated approach to internal audits.

    An integrated approach to policy and objectives.

    An integrated approach to systems processes.

    An integrated approach to improvement mechanisms (corrective and preventive action, measurement and continual improvement).

    Integrated management support and responsibilities.

    Management Reviews that consider the overall business strategy and plan.


    Contact Details

    Consultant Name (as applicable):



    Information Details

    Type of application (please select from the following options)

    New / Renewal / Scope Extension / Transfer (please send in your latest Certificate(s) and Report(s))

    Please specify the number of employees on each shift and the shift hours:


    Please list the number of employees in each area/site:

     

    Full Time

    Part Time

    Total

    No. of Persons per role with read-only or restricted access to the company’s information processing facilities.

    No. of persons who work in areas with strict rules to prevent disclosure of information, e.g. prohibiting personal belongings and devices into the work area

    Type of activities/ processes (e.g. data processing, receptionist, customer or supplier liaison)

    Information security risk level of tasks. (High, Medium, Low)

    Director(s)

    Manager(s)

    Administrator(s)



    State the number of personnel working on and offsite from the organisation’s premises.



    % of total work subcontracted

    Do you conduct any work at customer locations? (e.g. installation, repair, maintenance, construction works)

      


    % of work carried out at Client's Site

    Are there any activities that are outsourced or subcontracted? e.g. fabrication, transport, assembly, construction works.

      


    ISO27001 (Only) – Complexity Evaluation

    Remote work allowed

    Which best describes your organisation’s activities?


    (Critical business sectors are sectors that may affect critical public services, causing risk to health, security, economy, image and the government's ability to function, and that may have a very large negative impact on the country)

    Which best describes your organisation’s processes and tasks?

    Which best describes your IT infrastructure complexity?

    What is your dependency on outsourcing and suppliers, including cloud services?

    What is the extent of your Information System development?

    Is there any ISMS-related information (such as ISMS records or information about design and effectiveness of controls) that cannot be made available for review by the audit team because it contains confidential or sensitive information?


    Do you have business relationships (customers, suppliers) in any sanctioned countries?
    https://www.gov.uk/government/collections/financial-sanctions-regime-specific-consolidated-lists-and-releases

    If yes, elaborate on how you ensure compliance with applicable sanctions laws or requirements:
    Are there any Politically Exposed Persons (PEPs) in the company ownership structure?
    E.g., board members or executives of international organisations, bank governors, senior government executives

    Is the company owned or controlled by a sanctions target?
    Notes:
    “Sanctions target” refers to individuals or entities that have economic sanctions imposed on them.

    “Owned or controlled by a sanctions target” E.g. where a sanctions target has:
    (1) Greater than 50% of the company ownership;
    (2) Board members;
    (3) Voting rights; and/or
    (4) Executive post, e.g., Chairman of the board, Chief Executive Officer (CEO).

    Is the company part of a group structure?

    If yes, please provide details of headquarters:


    Under GDPR, we will retain your data for legitimate interest only, safely and securely. Please see our Privacy Policy for additional information.