Hicomply feature

Yearly saving

Automated scoping Easily scope your ISMS with the Hicomply platform

Asset register autogeneration A shorter learning curve for organisations and a simplified process

Risk assessment Autogenerate your risk register and risk treatment plan

Extended policy templates 90% of the essential are already written out of the box

Controls framework All controls are pre-loaded and already linked to the risks they mitigate

Task management Automate all actions, administration and setup time of your ISMS

Real time monitoring Understand status and progress across your ISMS with the Hicomply dashboard

Compliance & Training Your whole team, on the same page

Audit readiness Hicomply makes sure you have everything in place for your audit

Auditor access Give auditors a dedicated login to access and audit your ISM

ISO27001 - Nov 30, 2021

ISO 27001 Hub

What is ISO 27001 and ISMS?

ISO 27001 is the international standard which is recognised globally for managing risks to the security of information you hold. Certification to ISO 27001 allows you to prove to your clients and other stakeholders that you are managing the security of your information. ISO 27001:2022 (the current version of ISO 27001) provides a set of standardised requirements for an information security management system (ISMS).

Benefits of ISO 27001

Win more B2B business and tenders
Open up new markets and sectors
Improve customer retention
Reduce time to complete tenders

Achieve ISO 27001 with Hicomply

Managing ISO 27001 is time consuming and resource-heavy. If you can automate the administration as much as possible and have all staff self-serving their obligations within the Hicomply platform, then you free-up your compliance team to focus on their core objectives. Hicomply out of the box provides you with everything you need for your ISMS.

ISO 27001 Required Documents	ISO 27001 Controls
4.1 Understanding the organisation and its context	A.5 Information security policies
4.2 Understanding the needs and expectations of interested parties	A.6 Organisation of information security
4.3 Determining the scope of the information security management system	A.7 Human resource security
4.4 Information security management system	A.8 Asset management
5.1 Leadership and commitment	A.9 Access control
5.2 Policy	A.10 Cryptography
5.3 Organisational roles, responsibilities and authorities	A.11 Physical and environmental security
6.1 Actions to address risk and opportunity	A.12 Operations security
6.2 Information security objectives and planning to achieve them	A.13 Communications security
7.1 Resources	A.14 System acquisition, development and maintenance
7.2 Competence	A.15 Supplier relationships
7.3 Awareness	A.16 Information security incident management
7.4 Communication	A.17 Information security aspects of business continuity management
7.5 Documented information	A.18 Compliance
8.1 Operational planning and control
8.2 Information security risk assessment
8.3 Information security risk treatment
9.1 Monitoring, measurement, analysis and evaluation
9.2 Internal audit
9.3 Management review
10.1 Non-conformity and corrective actions
10.2 Continual improvement