Skip to content
Kellwick

Services

Evidence, ownership and operating discipline - not just templates.

ISO 27001 support for companies that need their ISMS to work in practice: before certification, before a surveillance audit, and between cycles.

Which engagement fits where you are?

ServiceDurationBest forOutput
Readiness Review7-10 daysQuick, honest diagnosisReport + top gaps + 30-day plan
Readiness Sprint4-6 weeksPre-audit remediationEvidence map + gap tracker + readiness report
ISMS MaintenanceMonthlyCertified companiesMonthly ISMS status + evidence review + risk updates
Vanta / Drata Cleanup2-4 weeksCompliance platform usersControl ownership + evidence quality + cleanup plan
01

ISO 27001 Readiness Review

Know where you stand before the auditor does.

Who it is for
Teams that need a fast, honest diagnosis of audit readiness.
What it covers
Scope, risk register, SoA, evidence quality and top gaps.

You receive · 7-10 days

  • Readiness score
  • Top 10 gaps
  • Risk register review
  • Statement of Applicability review
  • Evidence quality review
  • Audit readiness report
  • 30-day remediation plan
02

ISO 27001 Readiness Sprint

Fix the gaps that put certification, surveillance or enterprise deals at risk.

Who it is for
Teams remediating before a certification or surveillance audit.
What it covers
Structured remediation across risk, SoA, policy, process and evidence.

You receive · 4-6 weeks

  • Gap tracker
  • Evidence map
  • Risk / SoA review
  • Policy / process review
  • Control owner map
  • Audit readiness checklist
  • Management review prep
  • Internal audit readiness notes
  • 30 / 60 / 90-day remediation plan
03

ISMS Maintenance Retainer

Keep risk, evidence, suppliers, reviews and controls alive all year.

Who it is for
Certified companies keeping the ISMS audit-ready between cycles.
What it covers
Ongoing operating discipline across the ISMS lifecycle.

You receive · Monthly

  • Risk register updates
  • Evidence review
  • Supplier review support
  • Access review support
  • Incident / change / release evidence review
  • Management review prep
  • Internal audit calendar
  • Corrective action tracking
  • Security questionnaire support
04

Vanta / Drata / Sprinto Cleanup

A compliance platform collects evidence. It cannot decide whether your scope, risks and control ownership make sense.

Who it is for
Teams using a compliance platform but lacking operating discipline.
What it covers
Scope, risks, SoA, control ownership and evidence quality.

You receive · 2-4 weeks

  • Control ownership map
  • Evidence quality review
  • Scope and SoA sanity check
  • Workspace cleanup plan

Not sure which one you need?

Start with a short call. If a readiness review is not the right first step, we will say so.

Book a readiness call