Kickstart your client projects and grow your consulting business. Implement ISMS and get clients ISO® / TISAX® certified effortlesly.

“We found it very enriching to be able to achieve our planned certification so quickly and with such a high level of quality with the help of the toolkit and the great advice. ” —  Klemens Vatterodt, COYO GmbH
30-days risk-free money-back guarantee
98,7% Audit passed ・ 495 companies certified

Expert

Best for independent consultants or small agencies who would like to offer their clients ISMS, ISO®, TISAX® implementation services.

€199

per month, billed annually at €2388

ISMS Documentation Toolkit

Ready-made, easy to edit document templates save you time and money by building a streamlined process to create your own ISMS documentation.

The complete set of documents includes all ISMS policies, controls, processes, and procedures to meet the requirements of the ISO 27001 and VDA® ISA (TISAX®).

Lifetime documentation license for 10 client projects. + 1 year access to documentation updates, academy, community, and consultant assistance. Single user account.

Get 10 complete documents reviewed by an expert to ensure everything compliant. Documentation review quote may be used for one project or distributed across multiple projects.

ISMS Academy

A curated newsletter featuring the best information security content. Keep up-to-date with the latest infosec news and research, regulations, updates and events that might affect your organization.
1 year access to all our current and upcoming training programs, instructor feedback and additional content. Single user account.
Introduction course will teach you basic concepts of the ISO 27001 standard and enable you to properly implement an ISMS according to the standard requirements.
Step-by-step VDA® ISA / TISAX® training will guide you thought standard requirements and all steps of implementation standard compliant ISMS into your organisation.

The Information Security Officer program will prepare you to become an independent InfoSec Officer who can effectively manage organization’s information security program. It will also develop your leadership skills and give you the hands-on experience to be successful in one of today’s most important career. Coming later this year (Q3 2021).

The Infosec Consultant training is designed to prepare you to become an independent information security consultant. Learn how to sell and deliver information security consulting services to organization, understand the business case for information security, develop the skills to lead design of information security solutions, implement information security management systems, perform risk assessments, conduct security awareness training programs and much more.Coming later this year (Q4 2021).

ISMS Assistance & Support

Our team of information security experts are standing by to help you get started on your implementation project and answer any questions you might have. We provide unlimited support via live chat (regular business hours, CET timezone) and email, so you can be confident that we’ll be there when you need us.

We provide you with the entire process and all guidance you need to implement ISMS, but if you have any specific questions or need additional expert consulting above your membership plan limits, we offer our services on demand. Purchase additional hours of live expert consultation when you need some extra consulting above your membership plan.

One-hour initial meeting with an expert takes the guesswork out of the first steps in your project, offers practical tips, answers your questions, and helps you get started off on the right foot.

Pre-audit check with our ISMS expert is a great way to make sure documentation and processes are correct before the RCB conducts a Certification Audit. This meeting can also serve as an opportunity for you to explain the certification process, share best practices, answer questions and address concerns in order to ensure that your organisation is ready to audit.

ISMS Connect Community

ISMS Connect is a dynamic, fast-growing, and friendly community for anyone involved in information security management or interested in learning more about it. It was created to help people in the field of information security and risk management to improve their skills, learn security standards, network with other industry professionals and advance their careers.
The right place where you can get the tools and connections you need to advance your career and accomplish your life goals. Get inspired, network with top industry professionals, stay on top of breaking trends, and find inspiring opportunities to take your company or career to the next level.
Our monthly Q&A sessions are a great way to keep up-to-date on a particular area of expertise. You can ask your questions live during the session, and they will be answered by our team of experts. This is a great opportunity for you to get specific information on any topic of ISMS implementation and information security standards Sessions are recorded so that you can access them anytime!
We host live webinars on different topics related to ISO 27001, TISAX, and ISMS implementation. The webinars are designed to provide you with a convenient way to learn about the topic, ask questions, and get answers from our experts. Webinars are recorded so that you can access previous webinars anytime!

The Private Infosec Consultants Group is a place to share knowledge on how to build better-consulting businesses. Whether you are looking to start your own information security consulting business or looking to grow your practise, this group is for you.

Agency

Best for small and medium consulting firms with a larger amount of clients projects who are looking to scale their services to ISMS implementation. 

€299

per month, billed annually at €3588

ISMS Documentation Toolkit

Ready-made, easy to edit document templates save you time and money by building a streamlined process to create your own ISMS documentation.

The complete set of documents includes all ISMS policies, controls, processes, and procedures to meet the requirements of the ISO 27001 and VDA® ISA (TISAX®).

Lifetime documentation license for 50 client projects. + 1 year access to documentation updates, academy, community, and consultant assistance. Single user account.

Get 25 complete documents reviewed by an expert to ensure everything compliant. Documentation review quote may be used for one project or distributed across multiple projects.

ISMS Academy

A curated newsletter featuring the best information security content. Keep up-to-date with the latest infosec news and research, regulations, updates and events that might affect your organization.
1 year access to all our current and upcoming training programs, instructor feedback and additional content. Single user account.
Introduction course will teach you basic concepts of the ISO 27001 standard and enable you to properly implement an ISMS according to the standard requirements.
Step-by-step VDA® ISA / TISAX® training will guide you thought standard requirements and all steps of implementation standard compliant ISMS into your organisation.

The Information Security Officer program will prepare you to become an independent InfoSec Officer who can effectively manage organization’s information security program. It will also develop your leadership skills and give you the hands-on experience to be successful in one of today’s most important career. Coming later this year (Q3 2021).

The Infosec Consultant training is designed to prepare you to become an independent information security consultant. Learn how to sell and deliver information security consulting services to organization, understand the business case for information security, develop the skills to lead design of information security solutions, implement information security management systems, perform risk assessments, conduct security awareness training programs and much more.Coming later this year (Q4 2021).

ISMS Assistance & Support

Our team of information security experts are standing by to help you get started on your implementation project and answer any questions you might have. We provide unlimited support via live chat (regular business hours, CET timezone) and email, so you can be confident that we’ll be there when you need us.

We provide you with the entire process and all guidance you need to implement ISMS, but if you have any specific questions or need additional expert consulting above your membership plan limits, we offer our services on demand. Purchase additional hours of live expert consultation when you need some extra consulting above your membership plan.

One-hour initial meeting with an expert takes the guesswork out of the first steps in your project, offers practical tips, answers your questions, and helps you get started off on the right foot.

Pre-audit check with our ISMS expert is a great way to make sure documentation and processes are correct before the RCB conducts a Certification Audit. This meeting can also serve as an opportunity for you to explain the certification process, share best practices, answer questions and address concerns in order to ensure that your organisation is ready to audit.

ISMS Connect Community

ISMS Connect is a dynamic, fast-growing, and friendly community for anyone involved in information security management or interested in learning more about it. It was created to help people in the field of information security and risk management to improve their skills, learn security standards, network with other industry professionals and advance their careers.
The right place where you can get the tools and connections you need to advance your career and accomplish your life goals. Get inspired, network with top industry professionals, stay on top of breaking trends, and find inspiring opportunities to take your company or career to the next level.
Our monthly Q&A sessions are a great way to keep up-to-date on a particular area of expertise. You can ask your questions live during the session, and they will be answered by our team of experts. This is a great opportunity for you to get specific information on any topic of ISMS implementation and information security standards Sessions are recorded so that you can access them anytime!
We host live webinars on different topics related to ISO 27001, TISAX, and ISMS implementation. The webinars are designed to provide you with a convenient way to learn about the topic, ask questions, and get answers from our experts. Webinars are recorded so that you can access previous webinars anytime!

The Private Infosec Consultants Group is a place to share knowledge on how to build better-consulting businesses. Whether you are looking to start your own information security consulting business or looking to grow your practise, this group is for you.

Secure 128-bit SSL encrypted payment. Standart VAT rate may be charged. Upgrade or cancel anytime.

All plans include

Powerful features in every plan

1 year of updates and membership platform access

Unlimited expert support via chat & email

Lifetime ISMS documentation license for 1 company

Multilangual (EN & DE) products & documentation

Full ISO 27001 / TISAX® compatibility

Instant access to all products via one platform

ico-guarantee-badge

Customer certification success is our priority #1. That’s why we offer 100% risk-free money-back guarantee

We strongly believe in the quality of ISMS Toolkit to help your implement ISMS and meet compliance. Our products and services has delivered business-changing benefits to hundreds of organizations. Even so we still understand that this can be a considerable investment for some companies. That’s why we would like to give you full month to try out the ISMS Toolkit. This is a ZERO-risk opportunity. If our product doesn’t help you kickstart your ISMS project, we don’t deserve your money.

30-day money back guarantee

Try ISMS Toolkit for up to 30 days with no risk. If for any reason you are not completely satisfied, we’ll give you a full money-back. Just reach out to us and get a full, friendly, and fast refund.

6 month extended guarantee

PLUS, if you don’t have good progress during your initial 6-month membership, we will give an additional 6 months at no cost + free one-to-one consulting session to get you back on track.

We're here to help

Don't know where to start or not sure which plan is best for you? Get free consultation with ISMS Connect expert.

1 hr. average response time

Personal 1-to-1 product consultation

Q&A with ISMS expert

The trust of tech experts and hundreds of companies acrross EU

ISMS Toolkit customers saves up to 30,000€ and 3 month on ISMS implementation + ISO 27001 or TISAX® certification

495

Certification achieved

98,7%

Certification success rate

2X

Faster ISMS implementation

Excellent preparation ...

With the help of your expertise and advice, we were able to understand and meet the requirements more quickly. ISO 27001 could be implemented promptly and the certification body attested us excellent preparation.

Dr. Olaf Pätz
Outerscore GmbH

Helpful and friendly advice ...

Certification according to VDA®-ISA/ TISAX® would not have been achieved so quickly if we had not used the ISMS Toolkit great templates.

Moreover, the helpful and friendly advice we received was not only a great help but also a lot of fun. Many thanks for this.

Anika Merkel
cyber-Wear Heidelberg GmbH

Certification so quickly ...

We found it very enriching to be able to achieve our planned certification so quickly and with such a high level of quality with the help of the toolkit and the great advice. Thanks a lot for this support.

Klemens Vatterodt
Team Lead Service Delivery, COYO GmbH

ISMS Toolkit benefits that set us apart

Why other companies choose ISMS Toolkit

Scale your IT consulting practice with ISMS implementation projects

Help clients implement ISMS and meet ISO 27001 / TISAX® 2X faster. Kickstart client projects, deliver better service and grow your business.

Frequently asked questions

Have questions about ISMS Toolkit?

Talk to our expert and see how your company can benefit from ISMS Toolkit

ISMS Toolkit is a collection of tools & templates designed to help you implement an information security management system (ISMS) compliant with the two most popular security standards: ISO 27001(the international standard for information security management) and VDA® ISA (TISAX®) (the information security standard for the automotive industry). The toolkit includes templates and guidance to create all ISO 27001:2013 and VDA® ISA policies, controls, processes, and procedures to meet the requirements of both standards, protect customer data, and make your business more secure.

ISO 27001:2013 is a leading international information security standard, specifying the requirements for an organization’s information security management system (ISMS). An ISMS is a documented set of policies, procedures, processes, and controls that are designed to address all aspects of information security within your organization. The standard was first published in 2005 and has been updated incrementally since then. ISMS is based on the fundamental concepts of information security including people, processes, and technology. ISO 27001:2013 is recognized by governments and regulatory agencies across the globe. We’ve created this toolkit to help you get up and running with ISO 27001 quickly and easily, using best practice documentation methods.

TISAX® stands for “Trusted Information Security Assessment Exchange”. VDA® ISA (TISAX®) is a control system for security information. It provides guidelines to ensure an appropriate level of security for IT systems in the automotive industry. VDA® ISA (TISAX®) refers to the management of information technology as a critical infrastructure. In addition to data protection, this also includes all aspects of Information Security, such as confidentiality, integrity, and availability. It consists of requirements from VDA® ISA (Verband der Automobilindustrie Information Security Assessment).

Yes. We would recommend getting a copy of the ISO 27001 standard itself from the ISO® official website and VDA® ISA website. First of all without one, you may find that you spend more time than necessary trying to locate answers to your questions. Having the actual source document will help you better understand all the information needed for the implementation process.

And secondly during the certification process you will need to show auditor which criteria your ISMS is built against, so defacto it’s required for certification.

No, we don’t offer certification. Our goal is to help you set up an information security management system yourself with ISMS Toolkit and prepare your organization for the certification audit. To arrange certification, you need to contact a Registered Certification Body (RCB) in your region who will conduct a two-stage audit to verify that you are compliant with standard requirements.

Normally, the whole process can take up to 12-18 months depends on the size and complexity of your organization, and there are a number of stages that need to be completed before you can be standard certified. Even though many organizations focus on Information Security, the implementation of ISMS is not easy for everyone. There is a lot of work involved to prepare for an audit and be ready for certification. Even more without proper planning, the cost of certification can be extremely high with little to no return on investment.

In the same time, from our practice we know it’s possible to acchieve certification much faster (4-6 month) and with less expenses. And a lot of our customers actually do that. ISMS Toolkit helps you cut certification time from 1-1,5 year to a few month saving thousands of budget in the process.

In addition, there are several more conditions that you should to consider:

  • Having an information security responsible / project manager that is ISO or IT from start that is commited and can work every day or every other day on ensuring that tasks are carried out and defined processes are taken in place.
  • Top management must commit and transfer responsibility to release documents to this person.
  • Having an existing cert. like 9001 helps to achieve best target of 3-4 months.
  • Size of organization has lower impact (e.g. 100-500 employees often the same), more number of locations is a bigger impact.
  • Motivation to adopt new processes thorough departments.
  • Close working with HR & IT.

ISO27001 is one of the top security management systems available. Setting up an Information Security Management System (ISMS) for your company can be a lot to take on. It requires a lot of risk assessments, policies, and procedures which all need to be reviewed and put together by someone in-house who has the necessary technical know-how. There is plenty of information security consulting companies out there that can provide an ISMS but they often charge a lot for their services and required additional onboarding projects. While external consultants are a good option for top-level companies, they are too expensive and time-consuming for small to medium enterprises. The cost of hiring an external consultant often is pretty high and required additional time to find and manage it.

Small companies with fewer than 100 employees can expect to pay less than €10,000. Companies with over 100 employees and over €10 million in revenue can expect to pay more than €50,000.

ISMS Toolkit designed to eliminate large money, time, and human resource spending on reinventing the wheel by using proven ready-made templates and processes. Focus on what is essential for your life and business instead. Prevent thousands spent on consultants delivering the same toolkit and save over 90% compared to the cost of ISMS consultant with no effect on the documentation quality and business outcomes.

Doing the wrong things for the right reasons is still doing the wrong things. Without a clear strategy, step-by-step plan, and the help of a third party, achieving certification take months of research, trial, and error. That’s why we created ISMS Toolkit.

ISMS Toolkit gives you clear overview of the whole process.

See exactly what needs to be done. A well-organized and structured system that gives you an overview of the full scope, timeline all information you need. Get a clear understanding of how much technical work is to be done so you can plan and estimate your project before going into detail.

The audit gives you the opportunity to see how your information security management system (ISMS) stacks up to the requirements of ISO27001. The risk of not passing the ISO27001 audit is very real. If your information security management system (ISMS) is not in line with the requirements of ISO27001, you run the risk of non-compliance, which could lead to hefty financial penalties or even losing customers. This is why you need a plan in place so that you can be as prepared as possible before going into the audit.

Internal audit:

Internal audit can’t be failed but can lead to poor results. There is no direct influence on the external audits besides consuming time. The most common result is remedy discrepancies, so you need to re-do it. To do so you can always contact us to look into results to remedy discrepancies and help you to come up with a better solution.

External audit:

The audit can result in one of three possible outcomes: compliance, temporary certificate, or non-compliance. The most common one is compliance. This is where everything is in order and there are no outstanding issues. However, sometimes an organization will receive a temporary certificate due to outstanding issues that need addressing. The last outcome is non-compliance. This means you’re not audited properly or your systems don’t meet the requirements, so you require at least one improvement action before the next audit date.

We suggest to! Most of the documents described in security standards are mandatory. These documents act as proof of a proper Information Security Management System. To verify your compliance auditor will review all the ISMS documentation, which means that what is not written down in your documentation needs to be proven in another way. Having all required ISMS documentation in place is a key element of successful security standards certification.

Yes, sure. We believe information security doesn’t need to be hard. Our goal is to give companies the tools they need to tackle the topic of “information security” themselves. ISMS Toolkit designed to help you implement ISMS yourself with step-by-step guidance and support without time and budget consuming external consulting services.

Yes, but can be a variety of persons like IT manager, quality manager, or something close to IT, Data protection officer also possible. We also offer the position of external ISO as a bookable service.

Yes, we can help you with auditor assessment. In addition to support and assistance through the process, we would be happy to advise and support you with audits with our customizable service options. Contact us for more info

ISMS Connect company is not a part and not affiliated with any other company. Additionally, This site is NOT endorsed by any other company including those listed below.

TISAX® is a registered trademark of the ENX Association.
VDA® is a registered trademark of Verband der Automobilindustrie.
ISO® is a registered trademark of the International Organization for Standardization.
DIN® is a registered trademark of Deutsches Institut für Normung (German Institute for Standardisation).