ISO 27001:2022 Practitioner
Rounak Maheshwari
Founder, ISO READY 360 · ISO 27001:2022 Implementation Practitioner
Rounak Maheshwari is the founder of ISO READY 360 and an ISO 27001:2022 practitioner with direct, hands-on experience implementing Information Security Management Systems for startups and growing businesses. He built ISO READY 360 after going through the certification process first-hand and recognising that the existing market was dominated by expensive traditional consultancies — leaving lean teams without practical, affordable options.
ISO READY 360's templates, guides, and consulting services are all grounded in real auditor feedback and actual Stage 1 and Stage 2 audit experience — not adapted from generic compliance frameworks. Every document in the template library has been tested against ISO 27001:2022 audit scrutiny.
Rounak works primarily with SaaS companies, technology startups, and small-to-medium enterprises (SMEs) that need to achieve certification efficiently — typically within 2 to 6 months — without hiring a dedicated compliance team or paying traditional consultancy day rates.
His approach combines structured documentation (pre-built templates covering all 93 Annex A controls and mandatory clauses 4–10) with targeted advisory support, so teams can own their ISMS rather than depending permanently on external consultants.
Expertise
- ISO/IEC 27001:2022 implementation
- ISMS design and documentation
- Risk assessment (Clause 6.1)
- Statement of Applicability
- Annex A control selection
- Stage 1 & Stage 2 audit prep
- Notion · Confluence · SharePoint
Works with
- SaaS startups
- Technology SMEs
- Remote-first teams
- Globally distributed teams
Published Guides
ISO 27001 articles written from practitioner experience — no AI filler, no generic advice.
- What Is ISO 27001? A Plain-English Guide for Business Leaders
- Do I Need ISO 27001? How to Decide in 5 Minutes
- ISO 27001 Certification Cost: What You'll Actually Pay in 2025
- ISO 27001 for SaaS Startups: A Practical 90-Day Roadmap
- ISO 27001 Annex A: All 93 Controls Explained
- ISO 27001 Risk Assessment: Step-by-Step Guide
- ISO 27001 Certification Process: Stage 1 and Stage 2
- How to Run an ISO 27001 Internal Audit
- How to Write a Statement of Applicability That Passes Audit
- ISO 27001 vs SOC 2: Which Should You Pursue First?
- ISO 27001 Document List: Every Mandatory Policy and Record Required
- ISO 27001 Evidence: What Auditors Actually Look For in Stage 2
- ISO 27001 Scope Statement: How to Define It Correctly
- How to Write an ISO 27001 Information Security Policy
- How to Conduct an ISO 27001 Gap Assessment
- ISO 27001 Risk Treatment Plan: Build One That Passes Audit
- ISO 27001 Supplier Management: Third-Party Security
- ISO 27001 Incident Management: Build an Audit-Ready Process
- ISO 27001 Access Control: What Annex A.5.15 Requires
- ISO 27001 Business Continuity: What You Need
- ISO 27001 HR Security: What Annex A.6 Requires
- ISO 27001 Cryptography Policy: What Annex A.8.24 Requires
- ISO 27001 Cloud Security: 2022 Controls Explained
- ISO 27001 Management Review: Clause 9.3 Explained
- ISO 27001 Maintenance: Your Year-Round Compliance Calendar
- 10 ISO 27001 Myths That Are Costing Companies Time and Money
- How Long Does ISO 27001 Take? Timelines by Company Size
- ISO 27001 for Small Businesses: Is It Worth It?
Work with Rounak directly
Book a free 30-minute scoping call to discuss your ISO 27001 project. No obligation — just a clear picture of what it takes to get certified.