🔐 ISO/IEC 27001:2022

ISO/IEC 27001 — Information Security Management

Accredited ISO/IEC 27001:2022 certification in Portugal. ISMS implementation, Stage 1 & 2 audit, IAF-registered certificate. Supports GDPR & DORA compliance. Free quote.

Request a quote → ✉ info@bcert.org

ISO/IEC 27001 — key benefits

Internationally recognised in 100+ countries via IAF MLA-registered partners

Required by EU, UK and US government procurement

Supports NIS2, DORA and GDPR compliance frameworks

Expert bilingual team (EN/PT) with proprietary BALTUM tools

Competitive, predictable pricing with fixed-milestone project plan

IAF-registered certificates

All ISO/IEC 27001 certificates issued via BALTUM's partner network are registered in the IAF MLA (International Accreditation Forum Multilateral Recognition Arrangement) — recognised by accreditation bodies, regulators, and enterprise procurement in 100+ countries.

How BALTUM delivers certification

01. Scoping & gap analysis
Boundary definition, current-state assessment, and tailored project roadmap with fixed milestones.

02. Documentation & controls
Policy and procedure development, evidence framework mapped to the standard's control set.

03. Stage 1 & Stage 2 audit
Document review then operational audit, findings report, and formal nonconformity register.

04. Certification & surveillance
Remediation support, certificate issuance via IAF-registered partner, and surveillance planning.

Common questions about ISO/IEC 27001

What is ISO 27001?
ISO/IEC 27001:2022 is the international standard for Information Security Management Systems (ISMS). It specifies requirements to protect information assets against cyber threats and supports GDPR and DORA compliance.

Is ISO 27001 required in Portugal?
ISO 27001 is not legally mandatory but is required by EU and UK government procurement, major enterprise clients, and serves as primary evidence for NIS2 and DORA compliance obligations.

How does ISO 27001 relate to GDPR?
ISO 27001 addresses the technical and organisational security measures required by GDPR Article 32. ISO 27701 extends 27001 to cover full privacy management, providing a formal GDPR certification pathway.
Expert team. Competitive pricing.

Our team includes qualified lead auditors fluent in English and Portuguese with expertise in information security, AI governance, and privacy. Proprietary BALTUM tools streamline certification — making it cost-competitive and predictable.
