Get in touch with us

Office address

Im Gapetsch 9a, 9494 Schaan, Principality of Liechtenstein

Request

info@dataguardians.li

Send us a message

Frequently asked questions

What is ISO 27001 and why is it important?

An international standard for information security management systems (ISMS) that helps to protect data and processes.

Which companies should be certified to ISO 27001?

Companies of all sizes, especially those with sensitive data or regulatory requirements.

What are the benefits of ISO 27001 certification?

Greater security, lower risk, legal compliance and competitive advantages.

How does ISO 27001 certification work?

In three phases: preparation, implementation, and a certification audit by an external body.

How long does the certification process take?

On average 6 to 18 months, depending on company size and ISMS maturity level.

What does ISO 27001 certification cost?

Between CHF 10,000 and 50,000, depending on company size and consulting costs.

What requirements does ISO 27001 place on a company?

Introduction of an ISMS, risk management, security guidelines and regular reviews.

What is an ISMS and how is it implemented?

A system for managing information security that is implemented through guidelines, processes and measures.

What technical and organizational measures need to be implemented?

Access controls, encryption, backups, training and other measures from Annex A of ISO 27001.

How is a risk analysis carried out in accordance with ISO 27001?

Identification, assessment and treatment of security risks with risk mitigation measures.

How is the continuous improvement of the ISMS ensured?

Through regular audits, management reviews and adjustments to security measures.

What role do internal audits and management reviews play?

Internal audits check the ISMS; management reviews evaluate and optimize the security strategy.

How often does recertification have to take place?

Every three years, with annual monitoring audits.

How can ISO 27001 be combined with other standards (e.g. ISO 9001, ISO 22301)?

Through an integrated management system (IMS) that combines several standards.

Which legal requirements are covered by ISO 27001?

Requirements for data protection (e.g. GDPR) and IT security (e.g. NIS2).

How can ISO 27001 help to meet data protection requirements (e.g. GDPR)?

Through structured processes for data protection measures and verifiability of security controls.