ComplianceClaw: Evidence-first compliance

Free • ISO 27001 • Readiness Checklist

Get a clear ISO 27001 starting point, before you waste weeks on the wrong work.

This free Readiness Kit helps you assess scope, evidence, and obvious gaps. It is designed to orient your team, not replace the templates and implementation work most companies need next.

What you’ll get

  • 12-section readiness checklist, so you can see what belongs in scope first
  • Minimum evidence pack summary, so you know what to gather before an auditor or buyer asks
  • Common failure patterns, so you avoid fake progress and last-minute scrambling
  • A practical next-step bridge, so you know whether to DIY, use templates, or get a tailored setup

Who it’s for

  • SaaS startups preparing for a first ISO 27001 certification
  • Founders or operators who need a realistic starting point, not a consultant pitch
  • Teams under buyer, customer, or investor diligence pressure

What’s inside

The first five steps you should get straight

  1. Define scope: start with the systems and teams that matter most.
  2. Run a risk assessment: identify key assets, threats, and likely impact.
  3. Draft the Statement of Applicability (SoA): show which controls apply and why.
  4. Assign ownership: make security work clearly owned.
  5. Set the baseline: get the core policy and evidence areas under control.

Minimum evidence pack

  • Asset register
  • Risk register
  • Access logs and review cadence
  • Onboarding and offboarding checklist
  • Incident log, even for minor incidents

Get the free Readiness Kit by email

Instant PDF access after submit, plus a copy by email for easy forwarding inside your team.

Enter your work email and we’ll send the free Readiness Kit. You will also get instant access to the PDF straight after submission.

This free tier is diagnostic and orienting. It shows you what good looks like, but it does not include editable evidence templates or tailored folder setup.

PDF format. No credit card. We'll send a copy to your email and follow up with 4 short emails over 2 weeks to help you get started. Unsubscribe anytime.

How we handle your data: we only use it to send the checklist and respond if you reply.

Prefer to browse first?

You can open the web version first, then decide if you just need orientation, ready-made templates, or a tailored setup.

Common pitfalls this checklist helps avoid

  • Writing too much policy before defining scope and risk
  • Collecting evidence too late and scrambling before review
  • Leaving ownership vague across engineering, ops, and leadership
  • Treating the audit as a one-off event instead of an operating process

If you need more than a checklist

Free: use this kit to understand the work and spot the obvious gaps.

€49 Evidence Room Starter Pack: move from diagnosis into action with folder structures, mapping guidance, and implementation notes.

€299 Tailored Evidence Setup: get the same outcome shaped around your stack, team, and timeline, fully async.

How we handle your data

  • We use your email to send the checklist and respond if you reply.
  • We do not sell your data or share it with third parties for marketing.
  • You can unsubscribe anytime by replying “unsubscribe”.