Our Story

About us

We are a team of passionate information security officers

Hi there, and welcome to the ISO 27001 Academy! We are dedicated to helping individuals and organizations achieve certification.

Our main goal is to transform the quite abstract ISO 27001 standard into practical advice, help you write the require documentation, implement the control measures, and ultimately certify your organization!

Our story starts with a very poor audit..

Our story begins with John, an information security officer at a mid-sized company. John was relatively new to the role and was responsible for implementing the ISO 27001 standard. The company he worked for had decided to pursue certification to improve its security posture and be able to participate in tenders of prospects requiring the certificate.

A consultant was called in for help, and after months of work and a gap analysis, the company was promised that their freshly set up information security management system (ISMS) was ready to undergo the official ISO 27001 certification audit. John felt a mix of anticipation and anxiety as the audit date approached. He knew how much effort had been put into this preparation and was keenly aware of the stakes involved.

The day of the audit arrived, and the auditor, a seasoned expert named Karen*, began her thorough examination of the company’s ISMS. It didn’t take long before the audit turned into a nightmare. Apparently, the consultant forgot to provide the actual standard to John, as well as the guidance from the ISO 27002 document.

* anonymized for privacy purposes, sorry Karen’s



Our Mission and Core Values

Our mission is to provide individuals and organizations with the essential knowledge and skills to implement and achieve ISO 27001 certification. We aim to simplify this complex standard, clear up misconceptions about certification, and make our resources accessible to everyone, free of charge.

Stop Worrying, Start Implementing!

We get it, the ISO 27001 standard seems like huge bureaucratic pile of junk. But did you know that implementing a decent ISMS isn’t that hard? Just follow our steps!

Implementation Guide