ISO 27001 readiness check
How ISO 27001-ready are you?
Ten questions across the ISMS lifecycle (clauses 4–10) and Annex A. You'll get a banded result on screen and a tailored report by email.
1. Have you defined the scope of your ISMS?
Clause 4.3
2. Is there a top-management-approved information security policy with assigned roles and responsibilities?
Clause 5
3. Do you have a documented information security risk assessment and treatment methodology?
Clause 6.1.2–6.1.3
4. Have you produced a Statement of Applicability covering the Annex A controls (justifying inclusions/exclusions)?
Clause 6.1.3(d)
5. Is there a risk treatment plan with owners and timelines?
Clause 6.1.3(e)
6. Are competence, awareness and documented information managed?
Clause 7
7. Are the Annex A controls in your SoA actually implemented and operating?
Clause 8 / Annex A
8. Do you run an internal audit programme of the ISMS?
Clause 9.2
9. Does top management conduct management reviews?
Clause 9.3
10. Do you handle nonconformities, corrective action and continual improvement?
Clause 10
This is an indicative self-assessment, not a formal gap analysis, audit, or legal/compliance advice.