ISO 27035 – Info. Security Incident Mgmt. Assessment

Company Certification Int. offers professional conformity assessment services for organizations aiming to align with ISO/IEC 27035, the globally recognized guideline for managing information security incidents. While ISO/IEC 27035 is not certifiable, our structured assessment ensures your organization adopts best practices to effectively detect, respond to, and recover from security incidents.

What Is ISO/IEC 27035?

ISO/IEC 27035 is an international guideline designed to help organizations establish and maintain an effective Information Security Incident Management (ISIM) process. It includes guidance for:

  • Preparing for incident handling

  • Detecting and reporting incidents

  • Assessing and responding to incidents

  • Learning from incidents to improve the system

The current version (ISO/IEC 27035-1:2023) outlines principles and processes that align well with ISO/IEC 27001 and modern cybersecurity needs.

What We Offer

Company Certification Int. provides comprehensive conformity assessments that include:

  • Independent review of your incident management policies and procedures

  • Gap analysis based on ISO/IEC 27035 principles

  • Evaluation of detection, response, and communication mechanisms

  • Expert recommendations for closing identified gaps

  • Issuance of a Conformity Assessment Certificate (non-accredited)

Key Benefits

  • Improves cyber incident readiness and response

  • Supports ISO/IEC 27001 implementation and audits

  • Demonstrates commitment to global security standards

  • Builds trust with clients, regulators, and stakeholders

  • Identifies vulnerabilities and process improvement areas

Who Should Consider This Assessment?

  • IT service providers and MSPs/MSSPs

  • Financial institutions and fintech companies

  • Healthcare, insurance, and government bodies

  • Organizations managing personal, confidential, or regulated data

  • Any business pursuing ISO/IEC 27001 certification or needing robust incident handling

Our Delivery Method

  • Fully remote or hybrid assessment options

  • Fast turnaround and flexible scheduling

  • Secure digital reporting and documentation

What You’ll Receive

  • Gap Analysis Report

  • Recommendations aligned with ISO/IEC 27035

  • Optional improvement roadmap

  • Certificate of Conformity (3rd-party verified)

Frequently Asked Questions (FAQ)

Q1: Is ISO/IEC 27035 certifiable like ISO 27001?
A1: No, ISO/IEC 27035 is a guideline. It does not have certifiable requirements, but organizations can undergo a conformity assessment to show alignment.

Q2: What’s the benefit of a conformity assessment?
A2: It validates that your organization follows international best practices in security incident management and provides credibility in front of clients and partners.

Q3: Do I need ISO 27001 before doing this?
A3: No, but ISO/IEC 27035 complements ISO 27001 by covering incident management. It can be done as a standalone assessment or in support of ISO 27001 efforts.

Q4: Will you help improve our incident response process?
A4: Yes, we provide recommendations and, if needed, consulting services to enhance your processes based on the assessment findings.

Get Started

Let our team at Company Certification Int. help you assess, improve, and align your information security incident management process with ISO/IEC 27035.

FAQ's

Starting with your initial consultation with our ISO specialists and progressing through certification, the timeline can be as short as 15 days. However, the duration is contingent upon the size and complexity of your business. It's worth noting that we can often expedite the process and reduce costs by preparing the Documented Management System Manual on your behalf, which can also accelerate the certification for your business.

Following ISO 17021 guidelines, accredited certification bodies must provide certified organizations with certificates covering a 3-year certification cycle. Extensions beyond this timeframe are possible with the completion of necessary external audits and adherence to the certification cycle. ISO Certification, for instance, commonly issues certificates throughout a ten-year contract period.

At Company Certification, our dedication is to ensure that ISO certification remains cost-effective for all our clients. The expenses involved depend on various factors including your industry sector, annual turnover, number of employees, and other considerations. Feel free to utilize our complimentary calculator to receive an instant quote.

ISO certification is reserved for organizational entities, and not for individual professionals.

Conformity Assessment

Conformity Assessment

Apply Online

Apply Online

 
1 Start 2 Company Info 3 Complete
ISO Certification: This is an official, globally recognized certification proving that your management system meets international standards. Conformity Assessment Certificate: This is useful for demonstrating basic adherence to specific CE/ISO/EU guidelines and Norms.
Use control key to select multiple