Heraklet provides end-to-end ISO/IEC 27001:2022 consultancy services to help organizations design, implement, and improve their Information Security Management System (ISMS). Our approach begins with a gap analysis and continues through risk assessment, control mapping, policy creation, and internal audit preparation. Using BSI-aligned practices, we ensure your compliance process is efficient, measurable, and audit-ready — whether you’re aiming for your first certification or upgrading an existing ISMS.

We assist organizations in preparing for full ISO/IEC 27001 certification with services including:

• ISO 27001 Readiness Assessment (Gap Analysis)
• Risk Assessment & Risk Treatment Plan
• Information Security Policy & Scope Documentation
• Identification of Assets, Controls, and Risks
• SoA – Statement of Applicability
• Control Implementation Guidance (ISO/IEC 27002 mapping)
• Internal Audit Planning & Execution
• Pre-certification Audit Support
• Continuous Improvement Strategies

Our ISO 27001 training programs are designed for professionals at every stage of the ISMS journey — from foundational understanding to audit execution. Delivered by certified trainers, the courses cover ISO/IEC 27001:2022 clauses, risk management, Annex A controls (per ISO 27002:2022), documentation practices, and internal audit techniques. Trainings are modular, practical, and optionally aligned with BSI certification tracks, ensuring participants gain both competence and confidence.

Participants can attend the training at Heraklet office at Hamburg, or we can deliver the training on-site at the customer’s facility upon request.

Ideal Participants;

• ISMS Managers and Leads
• Risk & Compliance Officers
• IT & Data Governance Teams
• CIOs, CISOs, and Internal Auditors
• Professionals preparing for ISO 27001 roles