ISO Certifications
Need Help Determining If ISO Is Right for You?
ISO engagements have become increasingly important for organizations, especially those delivering products and services outside of the continental United States. ISO standards allow for the standardization of requirements and controls, providing customers with confidence that their systems and data are protected. Hancock Askew takes these standards very seriously and aims to continually position itself as the premier provider of quality ISO reports for organizations seeking to deliver peace of mind.
Learn more below about the different types of ISO reports we deliver to determine which report is best for your company:
- ISO 27001:2022 – Provides a framework and the necessary requirements for the design, implementation, and continuous monitoring of an Information Security Management System (ISMS). Have you considered your organization’s ability to sufficiently protect your systems and data?
- ISO 27701:2019 – Provides organizations with guidance for establishing, implementing, maintaining, and continually improving a Privacy Information Management System (PIMS).
Certification Process
Year 1 – Initial ISO Certification
- The Stage 1 audit is usually carried out over 1 or 2 days and typically occurs onsite. For organizations with more than one location, the audits are usually carried out at your central function location.
- The Stage 2 audit evaluates the implementation and effectiveness of your organization’s management system(s).
Year 2 – Surveillance
- The first Surveillance Audit still checks that the documented processes comply with the Standard, but looks only at several mandatory processes and a selection of the remaining processes.
Year 3 – Surveillance
- The final year in the three-year cycle will consist of another Surveillance Audit, covering several mandatory processes and the remaining processes not covered in the previous year.
Effective Dates and Transition
Below are key dates for the transition period as defined by the International Accreditation Forum (IAF) August 2022 guidance.
- 4/30/2023 – Accreditation bodies/auditors must be ready to assess to ISO 27001:2022.
- 10/31/2023 – Organizations seeking initial ISO 27001 certification will be required to adopt the new standard.
- 4/30/2024 – All existing ISO/IEC 27001:2013 Certified Clients shall be audited (surveillance or recertification audits) against ISO/IEC 27001:2022.
- 10/31/2025 – Organizations with an active ISO 27001 certification will be required to transition to the new standard. All ISO 27001:2013 certificates issued after October 31st, 2022, will expire on October 31st, 2025.
ISO Services
- ISO 27001:2013 & 27001:2022
- ISO 27701:2019