Section 1 of 5 — Organisation Profile

ISO 27001 ISMS Complexity Assessor

Understand the scope and complexity of your ISO 27001 implementation before you begin.

This short assessment takes approximately 5 minutes. We'll ask about your organisation's size, data handling, technology, suppliers, and current security posture to generate a personalised complexity rating with tailored guidance.

Personalised complexity tier
Estimated audit duration
Key risk drivers identified
Tailored next steps

Organisation Profile

Let's start with some basics about your organisation.

Select all that apply.

Data & Information Assets

Now let's look at the data your organisation handles.

Select all that apply.

Select all that apply.

Technology & Systems

Tell us about your technology environment.

Third Parties & Supply Chain

Let's look at how your organisation works with external parties.

Current Security Posture

Finally, where are you starting from?

Select all that apply.

Accredited bodies (e.g. BSI, NQA, Schellman) are overseen by UKAS or equivalent. Non-accredited bodies may offer lower costs but are not always accepted by clients or regulators.

Standard ISMS

Your Complexity Score

Lean Standard Complex

What This Means

Resourcing Recommendation

Indicative Audit Costs

Key Complexity Drivers

    Recommended Next Steps

      Ready to take the next step?

      This assessment provides an indicative complexity rating based on typical certification body scoping criteria. It is not a formal audit scope or quotation. Results may vary based on your specific circumstances.