ISO 27001 – Information Security Management Systems

ISO 27001 is an international standard that details the requirements for establishing and maintaining an information security management system (ISMS). An ISMS is an organised approach to managing an organisation's information security. It encompasses people, processes and IT systems (hardware and software).

ISO 27001 should be used in conjunction with ISO 27002, which provides an implementation route for the controls found in the standard.

If you are looking to certify your organisation against the ISO 27001 standard, you will need fit-for-purpose tools and materials to aid with the implementation of an ISO 27001 compliant ISMS. The practical solution to this requirement is The No 2. Integrated toolkit. This contains vsRisk, an ISO 27001 compliant information security risk assessment tool; The Manager’s Guide to Data Security, 4th Edition, the de facto industry guide on ISO 27001 compliance; and a CD-ROM containing 450 pages of essential templates, tools and procedures.

~ by CxO Channel on 28 November 2009.

One response to “ISO 27001 – Information Security Management Systems”

  1. The other option is to engage an ISO 27001 consultancy to help. We did and it brought incredible benefit and cost saving.
