Stratia Consulting specialise in Information Assurance and Risk Management.

We have years of experience in providing information assurance and information risk management services to all kinds of businesses. It does not matter whether you run a small start-up company or a large corporation, we will ensure your assets are protected and maintained efficiently. Our aim is to find the best form of protection for your business and provide you with the means to manage risks effectively in order to minimise financial costs and prevent damage to your reputation.

Cookie Policy

A cookie is a small file which asks permission to be placed on your computer’s hard drive. Once you agree, the file is added and the cookie helps analyse web traffic or lets you know when you visit a particular site. Cookies allow web applications to respond to you as an individual. The web application can tailor its operations to your needs, likes and dislikes by gathering and remembering information about your preferences.

We use traffic log cookies to identify which pages are being used. This helps us analyse data about web page traffic and improve our website in order to tailor it to customer needs. We only use this information for statistical analysis purposes and then the data is removed from the system.

Overall, cookies help us provide you with a better website by enabling us to monitor which pages you find useful and which you do not. A cookie in no way gives us access to your computer or any information about you, other than the data you choose to share with us.

You can choose to accept or decline cookies. Most web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer. This may prevent you from taking full advantage of the website.

Contact Info

ISO 27001 Consultancy

ISO 27001

The ISO/IEC 27001 is a international information security management standard and one of the ISO/IEC 27000 family of standards that helps organisations keep information assets secure. Using this family of standards will help your organisation manage the security of assets such as financial information, intellectual property, employee details or information entrusted to you by third parties.

ISO/IEC 27001 is the best-known standard in the family providing requirements for an information security management system (ISMS).

What is an ISMS?

An ISMS is a systematic approach to managing sensitive company information so that it remains secure. It includes people, processes and IT systems by applying a risk management process. It can help small, medium and large businesses in any sector keep information assets secure. The ISMS represent a set of policies, procedures, and various other controls that set the information security rules in an organisation.


ISO/IEC 27001 specifies the requirements for establishing, implementing, maintaining and continually improving an information security management system (ISMS) within the context of the organisation. It also includes requirements for the assessment and treatment of information security risks tailored to the needs of the organisation. The requirements set out in ISO/IEC 27001 are generic and are intended to be applicable to all organisations, regardless of type, size or nature.


ISO/IEC 27001 requires that management:

  • Systematically examine the organisation's information security risks, taking account of the threats, vulnerabilities, and impacts;.
  • Design and implement a coherent and comprehensive suite of information security controls and/or other forms of risk treatment (such as risk avoidance or risk transfer) to address those risks that are deemed unacceptable; and
  • Adopt an overarching management process to ensure that the information security controls continue to meet the organisation's information security needs on an ongoing basis.

Like other ISO management system standards, certification to ISO/IEC 27001 is possible but not obligatory. Some organisations choose to implement the standard in order to benefit from the best practice it contains while others decide they also want to get certified to reassure customers and clients that its recommendations have been followed.

Using our Certified Lead Implementers Stratia Consulting provides consultancy for assessment and pragmatic implementation of an ISMS to guide organisations into compliance and certification with the ISO 27001 information security management standard.