ISO 27001 compliant

The coronavirus pandemic has affected every area of life and business, including various accreditations and popular ISO standards such as ISO 27001. Maintaining certification during lockdown and in the immediate weeks and months post-lockdown is important and so we’ve chosen to cover some ISO 27001 questions and answers regarding compliance in this blog to show how you can you achieve this.


The post-coronavirus world will be a challenging place, not least for businesses. Maintaining key certifications such as ISO 27001 is key to the continued success of your business. There will be guidelines in place regarding social distancing, for example, something that affects certification and audits.

What can we expect?

1 Virtual meetings

For businesses, online or virtual meetings won’t be a strange process – the lockdown has ensured that any kind of contact between employees and outside agencies is not face-to-face. Many businesses have realised that virtual meetings are an efficient means of maintaining contact but when it comes to audits for certifications such as ISO 27001, they’ll possibly be the norm for some time to come.

2 On-site visits on hold

If on-site visits cannot be executed to a sufficient standard online or virtually, on-site visits will be scheduled for later in 2020 or be pushed back in 2021.

All certification bodies are working with their clients to ensure the issue of certification to achieve ISO 27001 for example is not delayed as a result of not conducting site visits.

How can you remain compliant during and after the pandemic?

The likelihood is that there will be guidelines and regulations governing how businesses can operate post-lockdown. This may have an impact on your business, including remaining compliant with ISO 27001 and other standards.

What should you do to remain compliant?

  1. Reach out to your certification partner – if, like most businesses and organisations, you have chosen to work with an expert certification partner, reach out to them as soon as you can. With the current situation in mind, we have been reaching out to all our clients to update arrangements successfully.
  2. Coordinate with internal stakeholders – many people within your company have a vested interest in all aspects of the business, ISO 27001 certification included. Keep everyone updated as to the changes, including updates with your various schedules.
  3. Highlight changes and modifications to your wider audience too – external stakeholders also need to be kept in the loop about how your certification maybe affected but also what you have put in place to maintain momentum to work towards successful completion.

Getting through difficult times

No matter what you do or what you plan for as a business, the pandemic will leave its mark, throwing the best-laid plans into chaos. But with forethought and support, you can keep your business compliant and on-track.