ISMS setup made simple. 
Get certified 2X faster, simpler and on budget.

“We found it very enriching to be able to achieve our planned certification so quickly and with such a high level of quality with the help of the toolkit and great advice. ” —  Klemens Vatterodt, COYO GmbH

Choose your plan


Membership for self-guided projects.

Includes Toolkit + Connect.


/ Month

Subscription. Cancel anytime. 


Membership with access to consultants.

Includes Toolkit + Connect + Consultant.


/ Month

Subscription. Cancel anytime. 

98.7% Audits passed • 495 companies certified

Secure payments via Stripe®.

98,7% Audits passed

Secure payments.

Powerful features in every plan:

Compliance Update

For 27001® & TISAX®

English & German

Unlimited support

Instant access


All 60 Documents & Guides

Ready-made, easy to edit document templates that cover all requirements of ISO 27001® and VDA® ISA / TISAX®.

Step-by-Step guide that helps you through every requirement of VDA® ISA / TISAX® and a ISO 27001® Introduction course.

All ISMS Connect-Content gets updated regularly to reflect changed norm requirements, new best practices and new audit conventions.


Private Slack Community

Get Access to a private Slack Community where you can discuss ISMS related topics with our consultants & other customers.

Get unlimited support on your questions in Slack by our consultants.

Find other companies that face the same challenges as you & connect with them to share experiences and learn as a team.



Consultant Support

Get private access to our consultants, unlimited support per E-Mail or Chat. Additional in-person consulting bookable at any time.

Additionally to the community support, you can get directly in touch with a consultant for special requests or requests containing confident informations.

Get invited to a weekly Zoom-Session where you can get directly in touch with our consultants.


Customer certification success is our #1 priority . That’s why we offer Support in every plan.

We strongly believe in the quality of the ISMS Toolkit to help your implement ISMS and meet compliance. Our products and services have delivered business-changing benefits to hundreds of organisations. If your project doesn’t take off fast enough, we add additional 6 months for free and help you to get back on track.

Unlimited Support in every plan

To help you succeed, every ISMS Connect plan offers unlimited Community or private support. Just reach out to us and get a fast, friendly answer so you can focus on your project.

6-month extended guarantee

PLUS, if you don’t make good progress during your initial six-month membership, we will give you an additional six months at no cost + free one-to-one consulting session to get you back on track.

The trust of tech experts and hundreds of companies across the EU

ISMS Toolkit customers save up to €30,000 and 3 months on ISMS implementation + ISO 27001 or TISAX® certification


Certification achieved


Certification success rate


Faster ISMS implementation

Helpful and friendly advice

“Certification according to VDA®-ISA/ TISAX® would not have been achieved so quickly if we had not used the great ISMS Toolkit templates. Moreover, the helpful and friendly advice we received was a great help and was also a lot of fun. Many thanks for this.”

Anika Merkel
Manager at
cyber-Wear GmbH

Certification so quickly

“We found it very enriching to achieve our planned certification so quickly and with such a high level of quality with the help of the toolkit and the great advice. Thanks a lot for this support.”

Klemens Vatterodt
Team Lead Service Delivery at

Excellent preparation

“With the help of your expertise and advice, we were able to understand and meet the requirements more quickly. ISO 27001 could be implemented promptly, and the certification body noted we had excellent preparation.”

Dr. Olaf Pätz
CEO of 
Outerscore GmbH

Full service for every situation

Are you searching for traditional consulting or a bigger license? We have it.

Full service consulting

Zero to certified

Get your ISMS project done by our consultants.

Full service with zero hassle.


Starting price per Project, depends on complexity

For bigger needs

Pro 25

For companies groups or consulting agencies.

Pro + License for 25 legal entities.


/ Month

Subscription. Cancel anytime. 

ISMS Toolkit benefits that set us apart

Why other companies choose the ISMS Toolkit

Well organised documentation, easily customisable for organisational needs

Keep track of your project. Know exactly where to start, what's done, and what to do next.

Step-by-step guidance and clear instructions to help you implement ISMS in accordance with ISO 27001 and TISAX®

Save over 90% compared to the cost of consultant with no effect on the quality

Every document is supported with built-in instructions that help move through the process.

No tech experience is required. The Toolkit makes it easy to build ISMS – even as a complete beginner.

We're here to help

Don't know where to start or not sure which plan is best for you? Get a free consultation with an ISMS Connect expert.

60 mins.  average response time

Personal 1-to-1 product consultation

Q&A with ISMS expert

Frequently asked questions

Have questions about the ISMS Toolkit?

Talk to our expert and see how your company can benefit from the ISMS Toolkit
The ISMS Toolkit is a collection of tools and templates designed to help you implement an information security management system (ISMS) that is compliant with the two most popular security standards: ISO 27001(the international standard for information security management) and VDA® ISA (TISAX®) (the information security standard for the automotive industry). The toolkit includes templates and guidance to create all ISO 27001:2013 and VDA® ISA policies, controls, processes, and procedures to meet the requirements of both standards, protect customer data, and make your business more secure.
ISO 27001:2013 is a leading international information security standard, specifying the requirements for an organisation’s information security management system (ISMS). An ISMS is a documented set of policies, procedures, processes, and controls designed to address all aspects of information security within your organisation. The standard was first published in 2005 and has been updated incrementally since then. ISMS is based on the fundamental concepts of information security, including people, processes, and technology. ISO 27001:2013 is recognised by governments and regulatory agencies across the globe. We’ve created this toolkit to help you get up and running with ISO 27001 quickly and easily, using best practice documentation methods.
TISAX® stands for “Trusted Information Security Assessment Exchange”. VDA® ISA (TISAX®) is a control system for security information. It provides guidelines to ensure an appropriate level of security for IT systems in the automotive industry. VDA® ISA (TISAX®) refers to the management of information technology as a critical infrastructure. In addition to data protection, this includes all aspects of Information Security, such as confidentiality, integrity, and availability. It consists of requirements from VDA® ISA (Verband der Automobilindustrie Information Security Assessment).

Yes. We recommend getting a copy of the ISO 27001 standard from the ISO® official website and VDA® ISA website. First of all, without one, you may find that you spend more time than necessary trying to locate answers to your questions. Having the actual source document will help you better understand all the information needed for the implementation process.

And secondly, during the certification process, you will need to show the auditor which criteria your ISMS is built against. So de facto, it is required for certification.

No, we don’t offer certification. Our goal is to help you set up an information security management system yourself with the ISMS Toolkit and prepare your organisation for the certification audit. To arrange certification, you need to contact a Registered Certification Body (RCB) in your region, who will conduct a two-stage audit to verify that you are compliant with the standard requirements.

Normally, the whole process can take up to 12-18 months, depending on the size and complexity of your organization. There are a number of stages that need to be completed before you can be standard certified. Even though many organisations focus on Information Security, the implementation of ISMS is not easy for everyone. There is a lot of work involved in preparing for an audit and being ready for certification. Without proper planning, the certification cost can be extremely high, with little to no return on investment.

From our experience, we know it’s possible to achieve certification much faster (4-6 months) and with less expense. And a lot of our customers actually do that. The ISMS Toolkit helps you cut certification time from 1-1.5 years to a few months, which saves thousands of your budget in the process.

In addition, there are further conditions that you should consider:

  • Having an information security responsible / project manager that is ISO or IT from the start who is committed and can work every day or every other day on ensuring that tasks are carried out, and defined processes are taking place.
  • Top management must commit and transfer responsibility to release documents to this person.
  • Having an existing certification like 9001 helps to achieve the best target of 3-4 months.
  • The organisation’s size has a lower impact (e.g. 100-500 employees often the same), more number of locations is a bigger impact.
  • Motivation to adopt new processes thorough departments.
  • Close working with HR and IT.

ISO27001 is one of the top security management systems available. Setting up an Information Security Management System (ISMS) for your company can be a lot to take on. It requires many risk assessments, policies, and procedures which all need to be reviewed and put together by someone in-house who has the necessary technical know-how. There are plenty of information security consulting companies out there that can provide an ISMS. However, they often charge a lot for their services and require additional onboarding projects. While external consultants are a good option for top-level companies, they are too expensive and time-consuming for small to medium enterprises. The cost of frequently hiring an external consultant is pretty high and requires additional time to find and manage them.

Small companies with fewer than 100 employees can expect to pay less than €10,000. Companies with over 100 employees and over €10 million in revenue can expect to pay more than €50,000.

The ISMS Toolkit is designed to eliminate large amounts of money, time, and human resources spent reinventing the wheel by using proven ready-made templates and processes. Focus on what is essential for your life and business instead. Prevent thousands spent on consultants delivering the same toolkit and save over 90% compared to the cost of an ISMS consultant with no effect on the documentation quality and business outcomes.

Doing the wrong things for the right reasons is still doing the wrong things. Without a clear strategy, step-by-step plan, and the help of a third party, achieving certification takes months of research, trial, and error. That’s why we created the ISMS Toolkit.

ISMS Toolkit gives you clear overview of the whole process.

See exactly what needs to be done. A well-organised and structured system that gives you an overview of the full scope, timeline, and all the information you need. Get a clear understanding of how much technical work is to be done so you can plan and estimate your project before going into detail.

The audit gives you the opportunity to see how your information security management system (ISMS) stacks up to the requirements of ISO27001. The risk of not passing the ISO27001 audit is very real. If your information security management system (ISMS) is not in line with the ISO27001 requirements, you run the risk of non-compliance, which could lead to hefty financial penalties or even losing customers. This is why you need a plan in place so that you can be as prepared as possible before going into the audit.

Internal audit:

An internal audit can’t be failed but can lead to poor results. There is no direct influence on the external audits besides consuming time. The most common result is remedy discrepancies, so you need to re-do it. To do so, you can always contact us to look into results to remedy discrepancies and help you develop a better solution.

External audit:

The audit can result in one of three possible outcomes: compliance, temporary certification, or non-compliance. The most common one is compliance. This is where everything is in order, and there are no outstanding issues. However, sometimes an organisation will receive a temporary certificate due to outstanding issues that need addressing. The last outcome is non-compliance. This means you’re not audited properly, or your systems don’t meet the requirements, so you require at least one improvement action before the next audit date.

We suggest they are! Most of the documents described in security standards are mandatory. These documents act as proof of a proper Information Security Management System. To verify your compliance, an auditor will review all the ISMS documentation, which means that what is not written down in your documentation needs to be proven in another way. Having all required ISMS documentation in place is a key element of successful security standards certification.
Yes, sure. We believe information security doesn’t need to be hard. Our goal is to give companies the tools they need to tackle the topic of “information security” themselves. The ISMS Toolkit is designed to help you implement ISMS yourself with step-by-step guidance and support without time and budget consuming external consulting services.
Yes, but it can be a variety of people, like an IT manager, quality manager, or something close to IT. A data protection officer is also possible. We also offer the position of external ISO as a bookable service.
Yes, we can help you with the auditor assessment. In addition to support and assistance through the process, we would be happy to advise and support you with audits with our customisable service options. Contact us for more information.
The ISMS Connect company is not a part or affiliated with any other company. Additionally, this site is NOT endorsed by any other company, including those listed below. TISAX® is a registered trademark of the ENX Association. VDA® is a registered trademark of Verband der Automobilindustrie. ISO® is a registered trademark of the International Organization for Standardization. DIN® is a registered trademark of Deutsches Institut für Normung (German Institute for Standardisation).

Secure your organisation & win more business

Kickstart ISMS implementation. Meet ISO 27001 / TISAX® compliance 2X faster. No large budgets, extensive human resources projects or technical experience required.