Instant 27001

Ready to use ISMS

Instant 27001 is a ready-to-use Information Security Management System (ISMS), which is mainly aimed at small to medium (IT) organizations. The pragmatic approach of Instant 27001 helps especially organizations with limited resources to design and manage all aspects of information security in compliance with the standard.

Steps to your information & IT security

We make information security management simple and enable companies of all sizes to pragmatically implement complex security requirements.

Everything included

Instant 27001 contains all documents that companies need to implement ISO 27001. This includes policies, procedures and also a comprehensive risk assessment covering the most common risks.

Internationally usable

Instant 27001 is available in English, German and other languages. Instant 27001 automatically generates essential documents explicitly required by the standard, saving valuable time during audits and reducing potential sources of error.

Practical add-ons

For Instant 27001 there are add-ons for ISO 27701 – an extension to ISO 27001 for a data protection management system – as well as for ISO 9001, the worldwide standard for quality management.

Project planning

Divided into an organizational and a technical track, the built-in project plan guides you through all the steps needed, providing helpful tips along the way.

Stakeholder analysis

An important part of the “Plan”-phase is to get a better understanding of your organization, the stakeholders and the requirements they might have. It makes sense to do so, because this will have an impact on how you design your ISMS.

In Instant 27001, all clauses and controls have their own page, which state the Requirement from the standard, an Instruction of what you should do, and under Implementation you will find an example, which then only needs to be modified to match your own organization.

The Implementation can also refer to another document. In this case, the Stakeholder analysis is defined on its own page, for readability.

Risk assessment

Perhaps the most important part of ISO 27001 is the risk assessment, and consecutively the selection of the proper security controls to mitigate the risks. Before we dive into that, the standard requires you to define a methodology first. Instant 27001 comes with a qualitative method, based on SPRINT.

To speed up the process, a list of 36 common threats is provided. We suggest you to start with evaluation these for relevance. After this, new risks can be added based on a built in Risk-template. This risk can be mitigated by establishing a Mobile device policy (A.6.2.1) and a Cryptography policy (A.10.1.1).

Statement of applicability

After all Annex A controls have been evaluated for relevance (their ability to mitigate one or more of the risks you have identified earlier), a Statement of applicability must be created. Instant 27001 does this automatically, by accumulating the information entered earlier on the pages of the controls.

Monitoring and measuring

Once the implementation of the security controls is done, ISO 27001 requires you to think about how you will monitor during the year that all controls are effective.

The security controls can be expanded with Check details, this information is then gathered to automatically create the Monitoring plan. Now all you have to do is transfer this schedule into your own calendar or ticketing system.

ISMS is not witchcraft

With the right tool it's easy! See for yourself ...

By loading the video, you agree to YouTube's privacy policy.
Learn more

Load video

Always unblock YouTube

Instant 27001 contains …

… all ISO 27001 requirements and controls

… a complete risk assessment

… all documents, policies and procedures

Supporting documents (±10) e.g. SWOT analysis, stakeholder analysis, scope description, roles and functions, objectives, awareness presentation
Policies (±20)
Procedures (±15)
Templates to add own policies and procedures
Automatically generated Statement of Applicability

… all necessary registrations

Asset management (workstations, phones, systems and (cloud) services)
Suppliers
GDPR processing register
Legal and contractual requirements
Changes
Incidents and non-conformities

… full PDCA support

Pricing

Instant 27001 is sold as a one-time (perpetual) license, for one (1) organization/deployment. There are no hidden charges, no maintenance fees and no recurring costs. After you purchase the content, its yours. Forever. Just like a book!

The price of the license depends on the size and structure of the organization. It is always possible to upgrade the license when your organization grows!

Instant 27001 Startup

€ 1.995

Instant 27001 Scaleup

€ 2.995

Instant 27001 Enterprise

€ 3.995

Prices plus applicable value added tax.

That’s it!

There are no hidden fees, no maintenance, and no recurring costs. The content is yours after you’ve bought it. Just like a book.

Consultancy services around Instant 27001

We accompany you on your way to successful ISO 27001 certification, for example with the following consulting services:

Execution of initial so-called “Enlightenment Workshops” (see download).
GAP analysis workshops, in which we work out in detail the state of your organization with regard to information security.
Auditing of your ISMS as required in the context of an internal audit.
Accompaniment of your certification.

Please contact us to discuss your requirements.