Obtain ISO 27001 Certification to demonstrate conformity of your Information Security Management System (ISMS) requirements and create a framework that illustrates your security posture to current and potential organizations.
ISO 27001 provides an international standard and methodology for the implementation, management and maintenance of information security for organizations. Obtaining ISO 27001 certification demonstrates conformity of your Information Security Management System (ISMS) requirements and is a framework that can illustrate your security posture to current and potential organizations.
Marcum RAS, LLC is a certification body for ISO 27001 and can provide your organization with the following services:
Marcum RAS, LLC has developed an audit methodology for conducting ISO 27001 certification audits that is in conformity with ISO 17021:2015. The methodology addresses the steps of the certification cycle including Stage 1, Stage 2, Certification Decision, as well as the ongoing Surveillance audits that are required.
We communicate the audit expectations, timing, and deliverables to our clients through the audit planning documentation, kick-off/closing meetings, status sheets available through our client portal and regular meetings. Marcum RAS, LLC standard methodology provides consistency to the certification audits process.
As your certification body for ISO 27001, we have defined criteria for all certification decisions including granting, refusing, maintaining, renewing, suspending, restoring and withdrawing the certificate. These processes follow the requirements defined in ISO 17021:2015.
Marcum RAS, LLC communicates with our clients through the engagement team regarding all certification decisions. All decisions related to the ISO 27001 certification are approved by Marcum RAS, LLC senior leadership, and are required to follow our document certification processes.
Marcum RAS, LLCs' ISO 27001 certification logo is only to be used to illustrate conformance with ISO 27001. The use of our name and logo in regards to ISO 27001 certifications are governed by the terms and conditions in our contracts with clients. Marcum RAS, LLC monitors the use of its name and logo to ensure compliance with our contractual agreement and ISO 17021:2015.
Marcum RAS, LLC audit team strives to clearly communicate the justification for their decisions related to the certification activities. When a situation arises where the client does not agree with the audit team, they may appeal the decision to Marcum RAS, LLC leadership. A point of contact, who is separate from the audit team, is assigned to research the appeal Marcum RAS, LLC leadership will review the results of the research and communicate the decision to the client. Appeals may be generated directly with the client’s audit team or by submitting here.
Complaints filed against Marcum RAS, LLC or our certified clients are received, handled and resolved in accordance with ISO 17021:2015. Marcum RAS, LLC has developed a process managed by a team independent of our audit team to document and track the complaint. The complaint will be investigated and resolved in accordance with our documented policies. The complaint initiator will be kept informed through the process and of the complaint resolution. Complaints can be submitted here.
Inquiries regarding status of a given certification or inquiries on geographical areas that we operate can be submitted here. Received inquiries will be responded to in 48 business hours.
All professional personnel who work on auditing engagements and are required to be independent, sign a representation letter when hired and annually thereafter acknowledge their familiarity with the firm’s relevant ethical requirements policy and procedures, particularly with regard to independence and impartiality of all clients and related entities of the company. The representation letter also confirms personnel understanding that if a conflict of interest arises, they are required to immediately report the conflict to the managing partner. The representation letter also lists known circumstances and relationships that may create a potential threat to independence and impartiality or violate the firm’s relevant ethical requirements policy.
For more information about ISO 27001 Certification at Marcum RAS, LLC, please complete the form below or call Ben Osbrach at 440-449-6800.