ISO 270012022 for UK-Based Certification Bodies Playbook – Excel XLSX

ISO 270012022 Implementation Playbook for UK-Based Certification Bodies

64 professional files (6 PDFs + 58 Excel workbooks) | 349+ spreadsheet tabs | 2,730+ rows of structured content | 11 organised folders

ISO/IEC 27001 remains the leading information security management standard and an increasingly common contractual requirement. The 2022 revision updates Annex A controls, tightens governance expectations, and raises the bar on risk management evidence. Implementing the standard cleanly, and sustaining it through surveillance and recertification audits, takes a disciplined programme with the right artefacts in the right sequence.

WHAT YOU GET: A THREE-PHASE JOURNEY

Phase 1: Diagnose. Seven domain assessments (30 questions each, 210 total) score your maturity across Context and Scope Definition, Leadership and Governance, Risk Assessment Methodology, and related areas. You can complete the Quick Scan diagnostic in under an hour and know exactly where the biggest gaps and opportunities sit.

Phase 2: Set Goals. Five PM template workbooks with roadmaps, RACI matrices, milestone trackers, risk registers, and stakeholder communication plans. These lock in scope, timeline, and accountability before a single line of implementation work starts, which is consistently where programmes succeed or stall.

Phase 3: Implement. Nine operational runbooks and checklists covering incident response, compliance, governance reviews, and handover and integration. Every runbook is built to be followed by a working team, not read and filed. Pro tips, example rows, and common-mistake callouts give you the benefit of hard-won practitioner experience from the first day.

7 DOMAIN ASSESSMENTS (210 QUESTIONS)
•  Context and Scope Definition
•  Leadership and Governance
•  Risk Assessment Methodology
•  Annex A Control Implementation
•  Documentation and Record Management
•  Internal Audit and Compliance Verification
•  Management Review and Continual Improvement

9 OPERATIONAL RUNBOOKS
•  Annex A Control Implementation Guide
•  Certification Audit Readiness Runbook
•  Cross Domain Security Integration Checklist
•  Documentation Control Handoff Protocol
•  ISMS Scope Definition Runbook
•  Incident Response and Post Mortem Protocol
•  Internal Audit Fieldwork Runbook
•  Management Review Preparation Checklist
•  Risk Assessment Cycle Checklist

The full kit also includes a practitioner-grade library of PM forms spanning all five PMBOK process groups, KPI dashboards, risk and compliance registers, and reference cards. Every template comes pre-populated with domain-specific example data so your team can start editing, not staring at blank rows. You get a consistent operating system across diagnostic, planning, delivery, and sustainment, which is how mature programmes compound improvement year over year.

WHO THIS IS FOR: CISOs, ISMS managers, internal auditors, and consultants implementing or sustaining ISO/IEC 27001.

Aligned with ISO/IEC 27001:2022.

Instant download. Start your first assessment within the hour.