• Inquiry
  • +81-3-6425-6735
    (Business hours 9:00 am - 6:00 pm)

ISO27001ISO27001 (ISMS) Certification

Information / Fees / Flow

Advantage of MASON's ISO27001 Acquisition Support

Top level experience with clients in the information systems industry.
An in-depth security knowledge and knowledge with the information systems industry allow MASON to build a management system that is customized to the customers’ actual business situation.
Support for certification by security consultants and auditors from leading companies.
MASON's consultants have an extensive experience in security consulting and auditing for the information systems and manufacturing industries.
MASON provides consulting services that minimize the customers' man-hours.
MASON's customers shared their concerns regarding the number of man-hours. MASON is committed to achieving 100% ISO27001 certification with a support structure that allows our clients to continue their current operations.

What is ISO27001 (ISMS)?

ISO/IEC 27001 is one of the leading international standards for information security management systems (ISMS).

ISMS Conformity Assessment System


This is a system in which a third party evaluates and certifies that the established ISMS conforms to ISO 27001/JISQ 27001. Once conformity to the "ISMS Conformity Assessment System" is determined, ISMS certification is obtained. Customers are required to receive a maintenance audit annually and certificate renewal audit triennially by a third-party certification organization.

Standards used as criteria

The requirements for information security management systems are based on the international standard ISO/IEC 27001 or the Japanese Industrial Standard JIS Q 27001. There is no limitation on the type of industry or business category that can be certified and any organization can maintain. It is an organizational framework for firmly managing the three major requirements of information security: confidentiality, integrity, and availability of information.
It is important to balance the "confidentiality," "integrity," and "availability" of information assets when considering security measures, and is also referred to as the "three elements of information security”.

Benefits of Acquisition

1. Minimizing security risks

ISO 27001 allows for an inventory of information assets, thus clarifying the criticality of the confidential information assets to be covered. By taking measures to prevent security breaches for those highly confidential information assets, it is recommended to strengthen the company's security level. As a result, security risks are minimized.

2. To increase credibility and customer satisfaction

Incorporating the requirements of global standards and reflecting them in the company's security policies and these standards will help customers feel secure in sharing confidential information. Therefore, it can be said that acquiring ISO27001 certification will directly improve customer satisfaction.

3. Increasing employees' awareness of information and strengthening compliance

Since strict rules are set and training is conducted to prevent information leaks and other related risks, it can be expected that awareness of information security and clarification of tasks regarding the handling of information can be improved. Internal communication will be facilitated and it will be clarified who is doing what.

ISO27001 (ISMS) Document Structure

MASON will assess the current situation and create deliverables from top to bottom.

ISMS (ISO27001) Certification Flow

The minimum consultation period for ISO certification is 4 months.

1. Establishment of ISO System
  • Identification of current confidential information assets.
  • Risk assessment
  • Information security policy formulation and preparation of various documents.
2. Review of ISO operation
  • Conduct internal auditor training and issue certificates for internal audit committee members.
  • Internal Audits
  • Assistance in conducting management reviews
3. ISO27001 External Audit
  • Pre- and post-ISO27001 acquisition external audit support.
4. Acquisition of ISO27001 certification and issuance of certificate of registration.
5. Post-ISO27001 Audit
  • Support for ISO27001 maintenance and renewal audits.

MASON Service Plans

MASON offers three service plans to meet your needs and budget.

* If the customers would like an immediate acquisition, MASON can obtain certification in as short as 3 months (Some prerequisites may apply.)

1. Standard Plan

Document preparation service
Recommended if the customers want to minimize costs and reduce workload.

Service Fee period
780,000 yen 3 months (minimum)

2. Full Outsource plan

One year of reliable support after ISO27001 certificate acquisition.
Recommended if the customers are anxious about maintenance audits after obtaining ISO certification and want to establish ISO operations in-house.

Service Fee period
1,380,000 yen Approx. 3 months (Obtaining certification)
12 months (Recurring Audit)
Security Practices Enhancement Plan

MASON will not only obtain ISO27001 certification, but also plan, execute, and monitor the information security measures necessary for the customers’ business. In addition, vulnerability assessments and penetration tests can be conducted upon request during the planning phase.

Comparison of ISO27001 Acquisition Services

  MASON Competitors
Acquisition Guarantee
100% certification guaranteed
Guarantee with conditions
Number of visits
Limited number of visits
Visiting Hours
Visits available after 6:00 p.m. on weekdays, weekends, holidays, etc.
Weekday business hours only
Documentation Policy
Conduct interviews to understand the company's current status, etc., and create various documents based on the information gathered.
Adapt the standard model and the rules.
Difficulty in developing a Quality management system that meets the customers' needs.
MASON prepares all major documents, minimizing the burden on the customers.
Customers revise and rename the sample documents from other companies.
ISO Auditors
Active ISO 27001 auditors on staff
Extensive experience in ISO 27001 audit attendance
Consulting firms with only external auditor qualification in external audits.
All consultants are SME diagnosticians and from major consulting firms.
Schedule and deliverable images are very clear at the time of the proposal.
Retired consultants from Quality Control departments become contractors.
Specific deliverables cannot be clarified before the consultation.
Acting as ISO secretariat for annual audits.
One year of post-acquisition ISO operation and training for employees.
Many consulting services are only for acquisition.
After acquisition, the follow-up services are visitations and consultations only.

ISMS (ISO27001) Operation Improvement Consulting

The most important aspect of ISO 27001 is its operation after acquisition. The rules established at the time of acquisition must be properly adapted to the company's condition and the global standard. This situation leads to multiple concerns such as uncertainty about operational decisions or lack of knowledge on which rules should be reformed.

Therefore, MASON has prepared "ISO Operation Improvement Consulting" as an operation improvement plan. This ISO operation improvement consulting service which utilizes our knowledge and experience can provide three benefits to the customers.

Effectiveness of ISO Operation Improvement Consulting

Reduced internal costs
Integration reduces in-house man-hours required for maintenance. In one case, we achieved a man-hour reduction of nearly 30%.
Significantly reduced number of pages in manuals
In one case, a manual totaling nearly 100 pages was reduced by nearly 70%.
Establishment of a management system in line with the current situation
Establishment of an integrated management system that can be operated according to the current level of your company. We realize a system that enables continuous business improvement.

Full support system for ISO operation improvement consulting.

Unlimited consultation on operational concerns via e-mail and telephone.
Customers can consult MASON with any questions or concerns related to the operation of ISO by e-mail without limitation.
Outsourcing of the ISO secretariat eliminates the risk of overlooking tasks through reduced volume of workload.
When the monthly task to be implemented, as determined by an internal document, comes around, the customers will receive an email confirming the implementation of the task. This eliminates the risk of overlooking the monthly ISO activities.
Can be applied for items pointed out during inspections.
The customers no longer have to worry about points raised during audits. MASON's consultants are always available for consultation so they can respond even at short notice.
Customers can select the kind of support needed.
MASON provide on-site support for employee training and internal audits that must be conducted in the course of ISO operations.
* Visiting support course

MASON provides services tailored to the customers' needs. Please contact us.

MASON offers a variety of services!

ISO27017 (Cloud Security) Double Certification Service

While obtaining ISMS/ISO27001 certification, MASON will simultaneously obtain ISO27017 which is the information security standard for the use and provision of cloud services.

ISO27701 (Privacy Information) Double Certification Service

We will simultaneously acquire ISO27017 certification, a highly GDPR-compliant standard for the use and provision of privacy information, in addition to ISMS/ISO27001 certification. Unlike the P Mark, the scope of certification can be limited.

MASON Consulting, Co., Ltd.

10th Floor Shiba Daimon Center Bldg.,
1-10-11 Shiba Daimon, Minato-ku, Tokyo

Location Map

MASON has acquired ISO27001 certification.

MASON is committed to implementing security measures in accordance with the Guidelines for Information Security Measures for Small and Medium Enterprises.