Information Security & Data Privacy
Explore targeted services that outline how Wintersmith Advisory helps organizations implement, maintain, and improve information security and data privacy management systems.

ISO/IEC 27001 – Information Security Management Systems
We help organizations implement, maintain, and audit ISO 27001-compliant information security systems that safeguard data, manage risk, and meet certification requirements. Whether you're protecting customer information, intellectual property, or internal systems, we deliver practical ISMS solutions tailored to your operations and threat landscape.
Wintersmith Advisory guides organizations through the structured implementation of ISO/IEC 27001:2022, building a certifiable Information Security Management System (ISMS) tailored to real-world risks and business needs. Services include gap assessment, risk treatment planning, control documentation, staff training, and audit readiness—ensuring your ISMS protects critical assets and meets stakeholder expectations.
Click to view: ISO 27001 Implementation
We help organizations maintain ISO 27001 certification through internal audits, policy and procedure updates, risk register reviews, and corrective action support. Wintersmith Advisory keeps your ISMS aligned with current threats, compliance requirements, and business changes—ensuring it remains secure, effective, and continuously improving.
Click to view: ISO 27001 Maintenance
Wintersmith Advisory performs independent ISO 27001 internal audits to assess compliance, evaluate control effectiveness, and prepare your ISMS for certification or surveillance. Aligned with ISO 19011 and ISO 27001:2022, our audits are objective, risk-focused, and designed to uncover actionable insights that strengthen information security.
Click to view: ISO 27001 Audit

ISO/IEC 20000-1 – IT Service Management Systems
We support organizations in implementing, maintaining, and auditing ISO/IEC 20000-1-compliant IT service management systems that drive consistency, reduce downtime, and improve service delivery. From process design and SLA alignment to audit readiness, we build ITSMS solutions tailored to operational realities and certification requirements.
Wintersmith Advisory helps organizations implement ISO/IEC 20000-1-compliant IT Service Management Systems (ITSMS) tailored to their operations. We guide you through service scoping, process mapping, documentation, SLA development, and risk-based planning—ensuring your system supports reliable, efficient service delivery and is fully aligned with certification requirements.
Click to view: ISO 20000-1 Implementation
We support the ongoing maintenance of ISO/IEC 20000-1-certified systems through structured performance reviews, risk assessments, documentation updates, and continual improvement planning. Whether you're preparing for surveillance audits or adapting to changes in services, tools, or teams, we help ensure your ITSMS remains current, compliant, and effective.
Click to view: ISO 20000-1 Maintenance
Our internal audits assess the design, implementation, and effectiveness of your ISO/IEC 20000-1 IT Service Management System. We evaluate service performance, process integration, nonconformity controls, and audit trails—providing independent findings and actionable recommendations to prepare you for certification, surveillance, or recertification audits.
Click to view: ISO 20000-1 Audit

ISO 22301 – Business Continuity Management Systems
We support organizations in implementing, maintaining, and auditing ISO 22301-compliant continuity systems that safeguard critical operations and reduce downtime during disruption. From impact analysis and recovery planning to audit preparation, we build BCMS solutions that strengthen resilience and ensure operational readiness.
Wintersmith Advisory implements ISO 22301-compliant business continuity systems that help organizations prepare for disruption, recover critical operations, and meet certification requirements. We guide your team through risk assessment, recovery strategy development, documentation, and audit readiness—building a BCMS that’s both practical and certifiable.
Click to view: ISO 22301 Implementation
We support ISO 22301-certified organizations in keeping their business continuity systems effective and up to date. From reviewing risks and testing recovery procedures to updating documentation and supporting surveillance audits, we help ensure your BCMS remains aligned with real-world needs and ISO requirements.
Click to view: ISO 22301 Maintenance
Our internal audits assess the design and performance of your ISO 22301 business continuity system, identifying nonconformities, gaps, and improvement opportunities. We prepare your team for certification, surveillance, or recertification with structured, standards-aligned audit services and actionable feedback.
Click to view: ISO 22301 Audit