Apprilis

ISO 27001 Audit and ISO EN 27001:22 Transition Services

Focusing on empathy, engagement, and excellence, Apprilis is a user-inspired change and transformation partner. Our internal audit service offers a robust approach to help buyers develop and implement an effective ISMS audit programme. We will also help you achieve a successful transition to ISO 27001:2022, effective from 31 October 2025.

Features

• ISO27001 Risk Assessment & Risk Management
• ISO27001 Internal Audit -written reports/presentation packs in clear language
• ISO27001 Policy & Documentation Support
• ISO 27001 Pre-Assessment Review
• ISO 27001 Service Scoping and business case development-bespoke to buyer
• ISO 27001 Gap Analysis leading to implementation plan-baseline approach
• ISO 27001 Remediation Project Planning, Advice and Implementation
• ISO 27001 Business Impact Assessment/Risk Assessment/Risk Treatment-comprehensive analysis
• ISO 27001 ISMS Framework Development and Implementation
• ISO 27001 Develop/conduct three year Internal audit programmes-PDCA, Apprilis toolkits

Benefits

• Offers a robust approach to reducing risk
• Creates a supportive rather than critical approach
• Retains constantly high levels of transparency
• Undertaken by highly experienced security experts
• Implements global technical audit experience in second-party auditing
• Displays top grade credentials in operational resilience
• Offers opportunities to implement improvements in cyber security and resilience
• Delivers high level insight and advice to reduce unnecessary costs
• Offers experience of public sector/departmental working practices and procedures
• ISO 27001 certified company

£750.00 to £1,900.00 a unit a day

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at commercial@apprilis.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

259978272306429

Contact

David Newbigging
0203 9849797
commercial@apprilis.co.uk

Planning

• Planning service: No

Training

• Training service provided: No

Setup and migration

• Setup or migration service available: No

Quality assurance and performance testing

• Quality assurance and performance testing service: No

Security testing

• Security services: Yes
• Security services type:
  • Security strategy
  • Security risk management
  • Security design
  • Cyber security consultancy
  • Security testing
  • Security incident management
  • Security audit services
• Certified security testers: Yes
• Security testing certifications:
  • CHECK
  • CREST
  • Tigerscheme

Ongoing support

• Ongoing support service: No

Service scope

• Service constraints: There are no known constraints to the audit service.

User support

• Email or online ticketing support: Yes, at extra cost
• Support response times: We aim to acknowledge all queries and requests within one working day.
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: WCAG 2.1 AAA
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Support levels: Our focus will always be on delivering value for you.; Please note that these documents offer only a brief overview of the audit and transition process, and the actual process may involve more detailed steps to be taken depending on your organisation’s specific circumstances. Therefore, for every project we will agree a full Service Level Agreement (SLA) with you at the outset of the project, allowing us to provide an appropriate level of support for your needs. In this way, our team will keep you at the forefront of any decisions and provide fast, personalised support at scale.

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Developed Vetting (DV)

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: British Assessment Bureau
• ISO/IEC 27001 accreditation date: 30/11/2021
• What the ISO/IEC 27001 doesn’t cover: Our whole business is covered by the ISO27001 accreditation.
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: No

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  For each contract, we commit to: ; ; Enhancing environmental benefits and offsetting carbon emissions by contributing to 'Blue Carbon' ecosystems for each new resource onboarded. 'Blue Carbon' refers to carbon stored in coastal and marine ecosystems, such as mangroves, mitigating climate change effects like flooding by regulating water absorption. For every consultant recruited internally, we'll plant a mangrove tree via TreeApp, ensuring a 100% tree planting rate.; ; Encouraging habitat restoration and biodiversity conservation by having Tier 1 B-Corp suppliers plant trees for each external consultant acquired. Our Tier 1 B-Corp suppliers will plant a tree through Future Forests for every external consultant acquired from them. This translates to a 100% tree planting rate for our suppliers' recruitment efforts.; ; Upholding Waste Electrical and Electronic Equipment (WEEE) Regulations by donating all decommissioned technology to Tech4Inclusion (formerly Laptops4Learning Ltd) for repair and reuse, reducing digital inequality and environmental impact. Tech4Inclusion provides a secure and compliant service for businesses to dispose of their redundant electronic devices while preventing them from being destroyed and ending up in landfills. We'll also procure and use recycled technology (for Apprilis users) like mobile phones and laptops where feasible.; ; Reaffirming our pledge to achieve Net Zero emissions by 2050, by actively reducing transportation and waste, and encouraging recycling, remote working, and carbon footprint monitoring during the contract. Our Carbon Reduction Plan is accessible at www.apprilis.co.uk.; ; Partnering exclusively with Tier 2 suppliers holding B-Corp status or robust carbon emission policies, fostering a carbon-focused supply chain. This proactive approach encourages others to support our commitment to address carbon emissions and environmental concerns, aiding in meeting government net zero and carbon emissions targets.

  Covid-19 recovery

  For each contract, we commit to: ; ; Offering Gold Standard Cyber Security. Lapses in cyber security can put employees and businesses at risk. If data becomes compromised by a cyber-attack, reputations, finances, and social values are put at risk. By following practices to retain our Cyber Essential PLUS certification and our ISO 27001 accreditation we will support the resilience of our clients and the supply chain that depends on us.; ; Raising awareness of the digital divide legacy. COVID-19 highlighted the deficit in digital skills required to enable inclusion in everyday life. The use of digital platforms to socialise, shop, and bank quickly replaced face-to-face communications. ; This required a rapid upskill which left many individuals in the community behind. We will maintain our outreach efforts to support groups and organisations ensuring the benefits of the internet and digital technology are available to everyone.

  Tackling economic inequality

  For each contract, we commit to:; ; Fostering Economic Growth. We'll support new or small organisations by engaging with suppliers seeking to enter the public sector, aiding their growth and expertise development within Apprilis.; ; Ensuring Prompt Payments. As members of the Prompt Payment Code, we'll adhere to standards to ensure timely payment to suppliers, preventing financial strain, and supporting economic stability.; ; Expanding Access to Information and Education. We'll donate all decommissioned technology to Tech4Inclusion, bridging the digital divide and facilitating access to online educational resources. Additionally, with client support, we'll work towards establishing local community technology hubs at Apprilis’ sites for internet and technology access.; ; Supporting Educational Attainment. Through the Region of Learning initiative, we'll offer training schemes addressing skills gaps and resulting in recognised accreditations. To enhance accessibility, we'll introduce digital badges relevant to the contract, acknowledging skills gained by interns and individuals on work experience at Apprilis, promoting employability and social mobility.

  Equal opportunity

  For each contract, we commit to: ; ; Broadening recruitment pathways to include candidates from non-traditional routes, creating employment and training opportunities for those facing barriers to employment. As signatories of the Armed Forces Covenant, we will engage with partners and suppliers committed to providing enhanced job opportunities for former service personnel. ; ; Ensuring access to the tech sector for diverse talent pools, including individuals with unique skills and perspectives often overlooked in traditional recruitment. We promote inclusivity and diversity, paying for skills rather than gender or age, and employing outreach and inclusion strategies to attract a diverse pool of candidates. We will focus on outreach and inclusion to ensure that a diverse pool of candidates is aware of and interested in our opportunities. We will maintain a zero gender pay gap through the introduction of formalised pay scales and rate cards. We will incorporate blind recruitment techniques to remove identifying information such as ages and disabilities from application materials during the initial screening process.; ; Maintaining an equality-focused supply chain by partnering with suppliers and partners with active equal opportunities policies and formal diversity monitoring systems. This proactive approach encourages diversity and ensures access to a balanced workforce, fostering innovation and economic growth while challenging systemic inequalities. By providing opportunities for marginalised groups to participate in the economy, we can support local businesses, create jobs, and stimulate economic growth in underserved areas.

  Wellbeing

  For each contract, we commit to: ; Supporting health and well-being, including mental health, among our contracted workforce. Recognising the prevalence of mental health issues in the tech sector, we'll distribute a quarterly Mental Health newsletter to raise awareness and provide resources for support. Clients can also receive this newsletter if required. ; Demonstrating collaboration with communities by supporting volunteer initiatives, fostering personal and professional development, and contributing to positive social change. We find that engaging in volunteer activities can have positive effects on employee well-being and mental health. Giving back to others and making a difference in the community can boost feelings of happiness, fulfilment, and purpose, contributing to overall employee well-being and resilience. We'll organise volunteer days for all employees, contractors, and suppliers. ; Influencing staff, suppliers, customers, and communities to support strong, integrated communities through monthly culture workshops. Culture workshops help businesses and teams address toxic behaviours and prevent them from happening in the future. A workplace culture workshop helps uncover potential problems, address them, and put rules and guidelines in place to create a more positive work environment. Hosting a culture workshop gives everyone a chance to speak up, address concerns, and acknowledge that everyone’s feedback matters.

Pricing

• Price: £750.00 to £1,900.00 a unit a day
• Discount for educational organisations: No

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at commercial@apprilis.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.