Kickstart your client projects and grow your consulting business. Implement ISMS and get clients ISO® / TISAX® certified effortlesly.

“We found it very enriching to be able to achieve our planned certification so quickly and with such a high level of quality with the help of the toolkit and the great advice. ” —  Klemens Vatterodt, COYO GmbH
30-days risk-free money-back guarantee
98.7% Audit passed ・ 495 companies certified

Expert

Best for independent consultants or small agencies who would like to offer their clients ISMS, ISO®, TISAX® implementation services.

€199

per month, billed annually at €2388

ISMS Documentation Toolkit

Ready-made, easy to edit document templates save you time and money by building a streamlined process to create your own ISMS documentation.

The complete set of documents includes all ISMS policies, controls, processes, and procedures to meet the requirements of the ISO 27001 and VDA® ISA (TISAX®).

Lifetime documentation license for 10 client projects. + 1 year access to documentation updates, academy, community, and consultant assistance. Single user account.

Get 10 complete documents reviewed by an expert to ensure everything compliant. Documentation review quote may be used for one project or distributed across multiple projects.

ISMS Academy

A curated newsletter featuring the best information security content. Keep up-to-date with the latest infosec news and research, regulations, updates and events that might affect your organization.
1 year access to all our current and upcoming training programs, instructor feedback and additional content. Single user account.
Introduction course will teach you basic concepts of the ISO 27001 standard and enable you to properly implement an ISMS according to the standard requirements.
Step-by-step VDA® ISA / TISAX® training will guide you thought standard requirements and all steps of implementation standard compliant ISMS into your organisation.
The Information Security Officer program will prepare you to become an independent InfoSec Officer who can effectively manage organization’s information security program. It will also develop your leadership skills and give you the hands-on experience to be successful in one of today’s most important career. Coming later this year (2021).
The Infosec Consultant training is designed to prepare you to become an independent information security consultant. Learn how to sell and deliver information security consulting services to organization, understand the business case for information security, develop the skills to lead design of information security solutions, implement information security management systems, perform risk assessments, conduct security awareness training programs and much more.Coming later this year (Q4 2021).

ISMS Assistance & Support

Our team of information security experts are standing by to help you get started on your implementation project and answer any questions you might have. We provide unlimited support via live chat (regular business hours, CET timezone) and email, so you can be confident that we’ll be there when you need us.

We provide you with the entire process and all guidance you need to implement ISMS, but if you have any specific questions or need additional expert consulting above your membership plan limits, we offer our services on demand. Purchase additional hours of live expert consultation when you need some extra consulting above your membership plan.

One-hour initial meeting with an expert takes the guesswork out of the first steps in your project, offers practical tips, answers your questions, and helps you get started off on the right foot.

Pre-audit check with our ISMS expert is a great way to make sure documentation and processes are correct before the RCB conducts a Certification Audit. This meeting can also serve as an opportunity for you to explain the certification process, share best practices, answer questions and address concerns in order to ensure that your organisation is ready to audit.

ISMS Connect Community

ISMS Connect is a dynamic, fast-growing, and friendly community for anyone involved in information security management or interested in learning more about it. It was created to help people in the field of information security and risk management to improve their skills, learn security standards, network with other industry professionals and advance their careers.
The right place where you can get the tools and connections you need to advance your career and accomplish your life goals. Get inspired, network with top industry professionals, stay on top of breaking trends, and find inspiring opportunities to take your company or career to the next level.
Our monthly Q&A sessions are a great way to keep up-to-date on a particular area of expertise. You can ask your questions live during the session, and they will be answered by our team of experts. This is a great opportunity for you to get specific information on any topic of ISMS implementation and information security standards Sessions are recorded so that you can access them anytime!
We host live webinars on different topics related to ISO 27001, TISAX, and ISMS implementation. The webinars are designed to provide you with a convenient way to learn about the topic, ask questions, and get answers from our experts. Webinars are recorded so that you can access previous webinars anytime!

The Private Infosec Consultants Group is a place to share knowledge on how to build better-consulting businesses. Whether you are looking to start your own information security consulting business or looking to grow your practise, this group is for you.

Agency

Best for small and medium consulting firms with a larger amount of clients projects who are looking to scale their services to ISMS implementation. 

€299

per month, billed annually at €3588

ISMS Documentation Toolkit

Ready-made, easy to edit document templates save you time and money by building a streamlined process to create your own ISMS documentation.

The complete set of documents includes all ISMS policies, controls, processes, and procedures to meet the requirements of the ISO 27001 and VDA® ISA (TISAX®).

Lifetime documentation license for 50 client projects. + 1 year access to documentation updates, academy, community, and consultant assistance. Single user account.

Get 25 complete documents reviewed by an expert to ensure everything compliant. Documentation review quote may be used for one project or distributed across multiple projects.

ISMS Academy

A curated newsletter featuring the best information security content. Keep up-to-date with the latest infosec news and research, regulations, updates and events that might affect your organization.
1 year access to all our current and upcoming training programs, instructor feedback and additional content. Single user account.
Introduction course will teach you basic concepts of the ISO 27001 standard and enable you to properly implement an ISMS according to the standard requirements.
Step-by-step VDA® ISA / TISAX® training will guide you thought standard requirements and all steps of implementation standard compliant ISMS into your organisation.
The Information Security Officer program will prepare you to become an independent InfoSec Officer who can effectively manage organization’s information security program. It will also develop your leadership skills and give you the hands-on experience to be successful in one of today’s most important career. Coming later this year (2021).
The Infosec Consultant training is designed to prepare you to become an independent information security consultant. Learn how to sell and deliver information security consulting services to organization, understand the business case for information security, develop the skills to lead design of information security solutions, implement information security management systems, perform risk assessments, conduct security awareness training programs and much more.Coming later this year (Q4 2021).

ISMS Assistance & Support

Our team of information security experts are standing by to help you get started on your implementation project and answer any questions you might have. We provide unlimited support via live chat (regular business hours, CET timezone) and email, so you can be confident that we’ll be there when you need us.

We provide you with the entire process and all guidance you need to implement ISMS, but if you have any specific questions or need additional expert consulting above your membership plan limits, we offer our services on demand. Purchase additional hours of live expert consultation when you need some extra consulting above your membership plan.

One-hour initial meeting with an expert takes the guesswork out of the first steps in your project, offers practical tips, answers your questions, and helps you get started off on the right foot.

Pre-audit check with our ISMS expert is a great way to make sure documentation and processes are correct before the RCB conducts a Certification Audit. This meeting can also serve as an opportunity for you to explain the certification process, share best practices, answer questions and address concerns in order to ensure that your organisation is ready to audit.

ISMS Connect Community

ISMS Connect is a dynamic, fast-growing, and friendly community for anyone involved in information security management or interested in learning more about it. It was created to help people in the field of information security and risk management to improve their skills, learn security standards, network with other industry professionals and advance their careers.
The right place where you can get the tools and connections you need to advance your career and accomplish your life goals. Get inspired, network with top industry professionals, stay on top of breaking trends, and find inspiring opportunities to take your company or career to the next level.
Our monthly Q&A sessions are a great way to keep up-to-date on a particular area of expertise. You can ask your questions live during the session, and they will be answered by our team of experts. This is a great opportunity for you to get specific information on any topic of ISMS implementation and information security standards Sessions are recorded so that you can access them anytime!
We host live webinars on different topics related to ISO 27001, TISAX, and ISMS implementation. The webinars are designed to provide you with a convenient way to learn about the topic, ask questions, and get answers from our experts. Webinars are recorded so that you can access previous webinars anytime!

The Private Infosec Consultants Group is a place to share knowledge on how to build better-consulting businesses. Whether you are looking to start your own information security consulting business or looking to grow your practise, this group is for you.

Secure 128-bit SSL encrypted payment. Standart VAT rate may be charged. Upgrade or cancel anytime.

All plans include

Powerful features in every plan

1 year of updates and membership platform access

Unlimited expert support via chat & email

Lifetime ISMS documentation license for 1 company

Multilangual (EN & DE) products & documentation

Full ISO 27001 / TISAX® compatibility

Instant access to all products via one platform

ico-guarantee-badge

Customer certification success is our #1 priority . That’s why we offer a 100% risk-free money-back guarantee

We strongly believe in the quality of the ISMS Toolkit to help your implement ISMS and meet compliance. Our products and services have delivered business-changing benefits to hundreds of organisations. Even so, we still understand that this can be a considerable investment for some companies. That’s why we would like to give you a full month to try out the ISMS Toolkit. This is a ZERO-risk opportunity. If our product doesn’t help you kickstart your ISMS project, we don’t deserve your money.

30-day money back guarantee

Try The ISMS Toolkit for up to 30 days with no risk. If for any reason you are not completely satisfied, we’ll give you your full money back. Just reach out to us and get a full, friendly, and fast refund.

6-month extended guarantee

PLUS, if you don’t make good progress during your initial six-month membership, we will give you an additional six months at no cost + free one-to-one consulting session to get you back on track.

We're here to help

Don't know where to start or not sure which plan is best for you? Get a free consultation with an ISMS Connect expert.

60 mins.  average response time

Personal 1-to-1 product consultation

Q&A with ISMS expert

The trust of tech experts and hundreds of companies across the EU

ISMS Toolkit customers save up to €30,000 and 3 months on ISMS implementation + ISO 27001 or TISAX® certification

495

Certification achieved

98.7%

Certification success rate

2X

Faster ISMS implementation

Excellent preparation ...

With the help of your expertise and advice, we were able to understand and meet the requirements more quickly. ISO 27001 could be implemented promptly, and the certification body noted we had excellent preparation.

Dr Olaf Pätz
Outerscore GmbH

Helpful and friendly advice ...

Certification according to VDA®-ISA/ TISAX® would not have been achieved so quickly if we had not used the great ISMS Toolkit templates.

Moreover, the helpful and friendly advice we received was a great help and was also a lot of fun. Many thanks for this.

Anika Merkel
cyber-Wear Heidelberg GmbH

Certification so quickly ...

We found it very enriching to achieve our planned certification so quickly and with such a high level of quality with the help of the toolkit and the great advice. Thanks a lot for this support.

Klemens Vatterodt
Team Lead Service Delivery, COYO GmbH

ISMS Toolkit benefits that set us apart

Why other companies choose the ISMS Toolkit

Scale your IT consulting practice with ISMS implementation projects

Help clients implement ISMS and meet ISO 27001 / TISAX® 2X faster. Kickstart client projects, deliver better service and grow your business.

Frequently asked questions

Have questions about the ISMS Toolkit?

Talk to our expert and see how your company can benefit from the ISMS Toolkit
The ISMS Toolkit is a collection of tools and templates designed to help you implement an information security management system (ISMS) that is compliant with the two most popular security standards: ISO 27001(the international standard for information security management) and VDA® ISA (TISAX®) (the information security standard for the automotive industry). The toolkit includes templates and guidance to create all ISO 27001:2013 and VDA® ISA policies, controls, processes, and procedures to meet the requirements of both standards, protect customer data, and make your business more secure.
ISO 27001:2013 is a leading international information security standard, specifying the requirements for an organisation’s information security management system (ISMS). An ISMS is a documented set of policies, procedures, processes, and controls designed to address all aspects of information security within your organisation. The standard was first published in 2005 and has been updated incrementally since then. ISMS is based on the fundamental concepts of information security, including people, processes, and technology. ISO 27001:2013 is recognised by governments and regulatory agencies across the globe. We’ve created this toolkit to help you get up and running with ISO 27001 quickly and easily, using best practice documentation methods.
TISAX® stands for “Trusted Information Security Assessment Exchange”. VDA® ISA (TISAX®) is a control system for security information. It provides guidelines to ensure an appropriate level of security for IT systems in the automotive industry. VDA® ISA (TISAX®) refers to the management of information technology as a critical infrastructure. In addition to data protection, this includes all aspects of Information Security, such as confidentiality, integrity, and availability. It consists of requirements from VDA® ISA (Verband der Automobilindustrie Information Security Assessment).

Yes. We recommend getting a copy of the ISO 27001 standard from the ISO® official website and VDA® ISA website. First of all, without one, you may find that you spend more time than necessary trying to locate answers to your questions. Having the actual source document will help you better understand all the information needed for the implementation process.

And secondly, during the certification process, you will need to show the auditor which criteria your ISMS is built against. So de facto, it is required for certification.

No, we don’t offer certification. Our goal is to help you set up an information security management system yourself with the ISMS Toolkit and prepare your organisation for the certification audit. To arrange certification, you need to contact a Registered Certification Body (RCB) in your region, who will conduct a two-stage audit to verify that you are compliant with the standard requirements.

Normally, the whole process can take up to 12-18 months, depending on the size and complexity of your organization. There are a number of stages that need to be completed before you can be standard certified. Even though many organisations focus on Information Security, the implementation of ISMS is not easy for everyone. There is a lot of work involved in preparing for an audit and being ready for certification. Without proper planning, the certification cost can be extremely high, with little to no return on investment.

From our experience, we know it’s possible to achieve certification much faster (4-6 months) and with less expense. And a lot of our customers actually do that. The ISMS Toolkit helps you cut certification time from 1-1.5 years to a few months, which saves thousands of your budget in the process.

In addition, there are further conditions that you should consider:

  • Having an information security responsible / project manager that is ISO or IT from the start who is committed and can work every day or every other day on ensuring that tasks are carried out, and defined processes are taking place.
  • Top management must commit and transfer responsibility to release documents to this person.
  • Having an existing certification like 9001 helps to achieve the best target of 3-4 months.
  • The organisation’s size has a lower impact (e.g. 100-500 employees often the same), more number of locations is a bigger impact.
  • Motivation to adopt new processes thorough departments.
  • Close working with HR and IT.

ISO27001 is one of the top security management systems available. Setting up an Information Security Management System (ISMS) for your company can be a lot to take on. It requires many risk assessments, policies, and procedures which all need to be reviewed and put together by someone in-house who has the necessary technical know-how. There are plenty of information security consulting companies out there that can provide an ISMS. However, they often charge a lot for their services and require additional onboarding projects. While external consultants are a good option for top-level companies, they are too expensive and time-consuming for small to medium enterprises. The cost of frequently hiring an external consultant is pretty high and requires additional time to find and manage them.

Small companies with fewer than 100 employees can expect to pay less than €10,000. Companies with over 100 employees and over €10 million in revenue can expect to pay more than €50,000.

The ISMS Toolkit is designed to eliminate large amounts of money, time, and human resources spent reinventing the wheel by using proven ready-made templates and processes. Focus on what is essential for your life and business instead. Prevent thousands spent on consultants delivering the same toolkit and save over 90% compared to the cost of an ISMS consultant with no effect on the documentation quality and business outcomes.

Doing the wrong things for the right reasons is still doing the wrong things. Without a clear strategy, step-by-step plan, and the help of a third party, achieving certification takes months of research, trial, and error. That’s why we created the ISMS Toolkit.

ISMS Toolkit gives you clear overview of the whole process.

See exactly what needs to be done. A well-organised and structured system that gives you an overview of the full scope, timeline, and all the information you need. Get a clear understanding of how much technical work is to be done so you can plan and estimate your project before going into detail.

The audit gives you the opportunity to see how your information security management system (ISMS) stacks up to the requirements of ISO27001. The risk of not passing the ISO27001 audit is very real. If your information security management system (ISMS) is not in line with the ISO27001 requirements, you run the risk of non-compliance, which could lead to hefty financial penalties or even losing customers. This is why you need a plan in place so that you can be as prepared as possible before going into the audit.

Internal audit:

An internal audit can’t be failed but can lead to poor results. There is no direct influence on the external audits besides consuming time. The most common result is remedy discrepancies, so you need to re-do it. To do so, you can always contact us to look into results to remedy discrepancies and help you develop a better solution.

External audit:

The audit can result in one of three possible outcomes: compliance, temporary certification, or non-compliance. The most common one is compliance. This is where everything is in order, and there are no outstanding issues. However, sometimes an organisation will receive a temporary certificate due to outstanding issues that need addressing. The last outcome is non-compliance. This means you’re not audited properly, or your systems don’t meet the requirements, so you require at least one improvement action before the next audit date.

We suggest they are! Most of the documents described in security standards are mandatory. These documents act as proof of a proper Information Security Management System. To verify your compliance, an auditor will review all the ISMS documentation, which means that what is not written down in your documentation needs to be proven in another way. Having all required ISMS documentation in place is a key element of successful security standards certification.
Yes, sure. We believe information security doesn’t need to be hard. Our goal is to give companies the tools they need to tackle the topic of “information security” themselves. The ISMS Toolkit is designed to help you implement ISMS yourself with step-by-step guidance and support without time and budget consuming external consulting services.
Yes, but it can be a variety of people, like an IT manager, quality manager, or something close to IT. A data protection officer is also possible. We also offer the position of external ISO as a bookable service.
Yes, we can help you with the auditor assessment. In addition to support and assistance through the process, we would be happy to advise and support you with audits with our customisable service options. Contact us for more information.
The ISMS Connect company is not a part or affiliated with any other company. Additionally, this site is NOT endorsed by any other company, including those listed below. TISAX® is a registered trademark of the ENX Association. VDA® is a registered trademark of Verband der Automobilindustrie. ISO® is a registered trademark of the International Organization for Standardization. DIN® is a registered trademark of Deutsches Institut für Normung (German Institute for Standardisation).