
ISO 27001
ISO 27001 is a globally recognised framework for proving you take information security seriously, not just with tech, but across your whole business. It’s the gold standard for showing customers, investors, and auditors that you’re not winging it when it comes to protecting data.
Why do I need ISO 27001?
🧩 Unlock Bigger Deals
Enterprise buyers love a security-certified supplier. ISO 27001 gives you the credibility to land contracts that would otherwise stall at “can you fill out this 147-question infosec spreadsheet?”
🛡️ Build Trust at Scale
As you grow, your data risks grow too; and so does the scrutiny. ISO 27001 shows customers, partners, and investors that you take security seriously before it becomes a problem.
🛠️ Create Structure Without Bureaucracy
ISO isn’t about bloated policies, it’s about getting your house in order. Done right, it gives you a clear, flexible framework that helps your team move faster without compromising security.
Our ISO 27001 services

Bronze
Gap Analysis
Full internal audit of your ISMS to meet the requirements of 9.2 and to identify the gaps in your information security management system.
Prices start at £2250 for orgs >10 people

Silver
Audit & Consultancy
Full internal audit of your ISMS to meet the requirements of 9.2 and to identify the work needed to get you ready for certification, plus hands-on support on closing those gaps.
Prices start from £7000

Gold
Managed Compliance
Fully managed service including use of automated continuous compliance platform, and a dedicated fractional CISO to get hands-on with the design, implementation, and operation of your security programme
Prices start from £18,000 p/a

Get a quote
We believe pricing should be transparent, but every organisation is different. The prices above are given as a guide but factors such as headcount, complexity, sensitivity of data processed, and physical locations can all increase the scope.
For a full quote complete the form below or book in a meeting to discuss.
What you get with us
Startups move fast. Security and compliance don’t always keep up, but your customers, investors, and enterprise buyers expect them to. That’s where we come in. Steel FYI helps early-stage and scaling companies get ISO 27001-ready (and actually understand it), without drowning in paperwork or generic advice. We work the way you work: lean, collaborative, and focused on what matters.
- Straight-talking advice, no scare tactics
We cut through the fluff and jargon to give you practical, risk-based guidance that fits your stage — and your budget.
- ISO 27001 made founder-friendly
We help you build a system that supports growth, not slows it down. No unnecessary bureaucracy, just the right amount of structure.
- Flexible, low-lift process
You’ve got a business to run. We embed security into what you already do, not bolt it on as an afterthought.
- Ethical, accessible consultancy
We’re carbon-positive, LGBTQ+ led, and committed to making security accessible for every organisation — not just the enterprise giants.
- Done with you, not to you
This isn’t box-ticking. It’s a strategic partnership to get your business secure, compliant, and ready for the next level.
Martin K, CTO @ Seenons
“Despite the time pressure, Dan helped us prioritize the most critical areas, provided hands-on support, and gave clear, practical advice throughout. Thanks to his guidance, we successfully achieved certification. We’re very grateful for his expertise and collaboration.”
Guy E, CTO @ Granular Energy
"I highly recommend Dan as an outstanding cybersecurity professional. As our CISO, he played a pivotal role in steering us through the complexities of achieving ISO 27001 certification. Dan’s pragmatic approach, deep expertise, and ability to simplify challenges into practical steps made him an invaluable part of the team. He is not only highly knowledgeable but also approachable."
David C, Ops Lead @ Vocalls
Dan Steel provided excellent support during our ISO27001:2022 internal audit. His personal approach, deep understanding of the standards, and ability to explain complex issues clearly made the entire process smooth and efficient. Dan didn’t just point out areas of improvement; he offered practical guidance and actionable steps. His constructive feedback was invaluable, helping us strengthen our compliance framework. We truly appreciate his professionalism, attention to detail, flexibility and the time he invested in helping us succeed.