FAQs
ISO 27001 Readiness Services
Who is Ignyte, and what makes us qualified to evaluate your ISO 27001 certification?
“The Ignyte difference” is that the leadership is prior military and DoD, so we take our direct defense experience and bring it to you. We work with both small and large businesses to help them get through the hurdles of working with the government.
Our team members hold multiple certifications such as CISSP, Security+, CISA, and several other similar credentials.
Ignyte has been in the business for 10+ years and has worked through many cybersecurity frameworks, and as a company is considered ISO 27001 certified as well as an ISO 17020 inspection body, a FedRAMP-recognized 3PAO, CMMC Registered Practitioners (RP), and RP Organization (RPO), and has its Top Secret Facility Clearance.
Lastly, our CEO developed the original FedRAMP program office (NIST-800-53), and Ignyte has a Cooperative Research agreement with the US Air Force and US Navy to build CMMC-specific automation capabilities to help out small businesses. You can check out more information here.
Have you helped anybody do this before?
Yes, you can check out our CEO-to-CEO conversation here.
Riverain’s CEO:
“We realized that the scope and complexity of this project would probably eliminate other small businesses and saw an opportunity to gain a competitive advantage by getting certified at the earlier time.”
You can read more about Riverain’s ISO 27001 journey here.
How is pricing determined?
It depends on the scope, but generally, we use an overall fixed price or monthly fixed fee for the engagement.
What kind of involvement will Ignyte have throughout the project?
Ignyte holds weekly, bi-weekly, or, at minimum, monthly meetings with all customers to ensure we are with you through the entire lifecycle of the project.
If you need any support, we are available throughout the project within 48 hours at the latest.
How can i track the progress of the project in Real time?
What deliverables can I expect?
The Ignyte team can deliver the outcome based on the scope discussed.
You can expect our team to do the majority of the work required to complete things such as:
- Statement of Applicability (SOA)
- Policies & procedures development
- Corrective Action Plan and Deficiency Management
- Management Review Meetings
- Project Management
- Automation and security engineering configurations
- Audit readiness reports
Will we be 100% compliant with ISMS when the project is finished?
That depends on how aggressively you work towards meeting the ISMS Certification goal.
Things like IT asset purchasing is beyond the scope of our work.
You’ll typically fall anywhere from 80-90% complete after the engagement.
Are you an MSP?
No
Can you audit us if you do the work on implementation?
- We can do pre-audit
- Audit defense and help you get through the audit through a partnered firm as the external auditor.
- We can also help you reduce the cost of the external audit
- We can guarantee a high rate of success (95% success rate)
I see you have software; how does it work?
Ignyte leverages its software to help automate the program. Our software provides transparency for compliance status, evidence collection, uploaded artifacts, as well as many other areas. The Ignyte platform also allows for user access control, so there can be limits put on user access/visibility as needed. Lastly, the platform helps determine ISMS compliance. You do not need software, and we do not recommend automation before an audit readiness assessment.