ISO/IEC 27001 certification

In an age of disruption and transformation, information security risk continues to be top of mind for most organizations, particularly as they look to use their data and information in new ways to generate insights for strategic decision making. ISO/IEC 27001 certification is a powerful way for organizations to build trust in their information security management system (ISMS) to turn risks into opportunities and better protect their valuable data and information assets. 

This international standard uses a risk-based approach to minimizing threats to your technology assets and offers a framework for other IT requirements you may have in place. When you follow this path to preserving the confidentiality, integrity and availability of your business information, your key stakeholders can have peace of mind that your information security program is well governed and controlled.

Build trust in your information security management system

Our technology-driven approach to certification

Technology is a foundational accelerator of PwC’s approach to certification, and your experience as a client. PwC delivers end-to-end certification processes through a digitally enabled technology backbone that reduces cycle time, drives quality, and enforces methodology consistency across our practice and the regions in which you operate. 

Our digital platform provides an efficient and client-centric approach to certification by:

  • Integrating client engagement management, planning and certificate control 
  • Facilitating assessor and client interaction and collaboration through a built-in client interface 
  • Providing one source of truth through a single location for the collection, verification and review of assessment evidence 
  • Delivering an efficient reporting engine to streamline the reporting process and certification decision

PwC Canada’s multidisciplinary teams bring together experience in information security, risk management, digital trust, internal controls, assessment and the regulatory landscape. Our certification services connect you with information security management system specialists at the leading edge of a rapidly evolving technology ecosystem.

How we can help – Certification Services

Pre-assessment for formal accredited certification

The pre-assessment helps you understand how your organization would perform against the formal ISO/IEC 27001 accredited certification audit. It evaluates how your organization is performing against the standard as an indicator of your ISMS maturity.

ISO/IEC 27001 certification

We offer certification and maintenance assessment services aligned with the ISO/IEC 17021-1 management system auditing standard so that your organization can be ISO/IEC 27001 certified.

How we can help – Management Systems Advisory Services (for non-PwC certified clients)

Value-added internal audit services

Conducting internal audits to identify non-conformances with your ISMS framework and non-compliance with legal, regulatory and/or contractual requirements is key to a successful information security management system implementation roadmap. We offer a comprehensive, value-added internal audit service that helps highlight management system issues and give recommendations for improvement.

Gap analysis, risk assessment, process design and documentation

Our team of information security governance, risk and control specialists can provide insights, advice and hands-on support for the design and implementation of your ISO/IEC 27001-compliant management system. We combine our deep information security expertise with industry and regulatory insights to help your organization embed a scalable and strategically aligned information security management system.

Related services

  • ISO 9001 Quality management systems

  • ISO 14001 Environmental management systems

  • ISO 45001 Occupational health and safety management systems 

  • ISO/IEC 20000-1 Information technology – Service management systems 

  • ISO/IEC 42001 Information technology – Artificial intelligence management systems

  • ISO 14064-3 Greenhouse gases

  • Programme for the Endorsement of Forest Certification™ (PEFC™) Chain of Custody and Sustainable Forest Management

  • Sustainable Forestry Initiative® (SFI®) Chain of Custody, Forest Management and Fiber Sourcing

  • American Tree Farm System® (ATFS®) Forest Management 

  • Forest Stewardship Council® (FSC®) Chain of Custody and Controlled Wood 

Switching your existing certification or verification services to PwC is easy and free


Contact us

Peter Koch


Partner, Risk Services, National Certification Services Practice Leader, PwC Canada

Tel: +1 416 863 1133

Steven Raduy


Managing Director, Risk Services, Management System and Certification Services Lead, PwC Canada

Tel: +1 604 806 7082


Kartik Kannan

Partner, Risk Services, Cyber Security and AI Trust, PwC Canada

Tel: +1 604 808 3580

Kevin Siong


Director, Risk Services, Information Security and AI Management Systems, PwC Canada

Tel: +1 604 806 7780

Travis Ducs


Partner, Risk Services, National Greenhouse Gas Verification Leader, PwC Canada

Tel: +1 403 509 7500

Horatiu Muresan


Director, Risk Services, Greenhouse Gas Verification, PwC Canada

Tel: +1 780 441 6700
