Skip to content
Kellwick
← All services

4-6 weeks

ISO 27001 Readiness Sprint

Fix the gaps that put certification, surveillance or enterprise deals at risk.

Who it is for
Teams remediating before a certification or surveillance audit.
What it covers
Structured remediation across risk, SoA, policy, process and evidence.

An independent advisory practice for regulated technology teams.

  • IRCA Associate Auditor - ISMS
  • CQI Practitioner Member - PCQI
  • ISO/IEC 27001:2022 Auditor/Lead Auditor trained

What you receive

  • Gap tracker
  • Evidence map
  • Risk / SoA review
  • Policy / process review
  • Control owner map
  • Audit readiness checklist
  • Management review prep
  • Internal audit readiness notes
  • 30 / 60 / 90-day remediation plan

How the engagement runs

  1. Scope and align

    We confirm the boundary of your ISMS, the audit or deal driving this work, and what evidence already exists - so effort goes where it matters.

  2. Assess against reality

    We test controls the way an auditor will: risk register, Statement of Applicability, evidence quality and control ownership - sampled, not assumed.

  3. Report with clarity

    You get a clear, prioritized view of gaps - what is critical, what can wait - with no jargon and no padding.

  4. Plan the fix

    A concrete remediation plan with owners and sequencing, so the work continues with or without us.

Plan a readiness sprint.

Book a readiness call

Kellwick is an independent advisory practice. We are not a certification body and do not issue ISO certifications. Certification decisions are made only by accredited certification bodies.