Course

ISO 27001 - Building the foundations of information security

Block Skunk

Build Your ISO 27001 Compliance Program

Build your ISO 27001-aligned security program in weeks not months.

Security questionnaires don't slow down bad deals. They slow down good ones.

A promising enterprise prospect asks for your SOC 2 report. You don't have one. Now you're stalling, or watching the deal cool off while legal reviews your gap assessment.

That's the problem. You're losing deals you should be winning.

What it actually is

Eleven live weekly sessions where we build your program inside your environment, together. You leave with a working risk register, ISMS foundation, documented access controls, and a complete evidence package your auditor can use. Configured to your stack and team. Not generic templates.

Covers ISO 27001 and SOC 2. If FedRAMP or HIPAA is on your roadmap, the foundation transfers.

Where most people get stuck

Policy documentation. Not writing it, getting it signed off and actually implemented. We work through that. Specifically.

Honest caveat: founders with a dedicated ops person move faster. Solo technical founders sometimes need an extra week on access controls.

Post-workshop hypercare is included, so you're not left staring at a finished risk register when your first auditor calls.

Build the program once. Let it do the answering for you.

What you’ll learn

From drowning in security questionnaires and audit chaos to running a ISO 27001-aligned security program with documented controls.

  • Live group setup of a professional risk register in Session 2 using BlockSkunk templates

  • Identify, assess, and prioritize real risks in your company with guided exercises

  • Populate and maintain the register as homework, creating a working ISMS tool

  • Structure your ISMS and map assets, data flows, and owners in Session 3

  • Use BlockSkunk templates and live group exercises on your real environment

  • Complete homework to tag and document your information systems

  • Select and configure your IdP with org-wide MFA and automated provisioning in Session 4

  • Implement least-privilege principles and maintain auditable logs

  • Verify controls with live demos and apply them in your environment

  • Write your TPRM policy and assessment process in Session 5

  • Apply it to your actual vendor list during live and homework exercises

  • Collect evidence of vendor risk assessments

  • Draft clear, effective policies in Session 6 with Policy-as-Code options

  • Run tabletop exercises to test enforcement and gather evidence

  • Build a policy library tailored to your company

  • Run a formal internal assessment in Sessions 8–9 with full guidance

  • Compile evidence from all prior sessions into a complete package

  • Get auditor selection advice and post-workshop hypercare planning

Learn directly from Block

Block Skunk

Block Skunk

Contact

Compliance first Enterprise Blockchain

See all products from BlockSkunk

Who this course is for

  • CEO, co-founder, or COO whose growth is blocked by a missing ISO 27001 certification whether it's a stalled deal or a contract at risk.

  • CTO or VP of Engineering facing new ISO 27001 requirements from enterprise clients. You know what's needed but open to support.

  • Founder or operator who wants to handle customer data responsibly not just to check a box because you care about getting security right.

What's included

Block Skunk

Live sessions

Learn directly from Block Skunk in a real-time, interactive format.

Lifetime access

Go back to course content and recordings whenever you need to.

Community of peers

Stay accountable and share insights with like-minded professionals.

Certificate of completion

Share your new skills with your employer or on LinkedIn.

Free Trial of BlockSkunk's Risk register product

Your risk register, policy vault, and compliance dashboard together in the way your auditor expects to see them. The first step takes two minutes.

Discounted Managed Services

Special rates on BlockSkunk Managed Services after the workshop. Let our compliance team handle your risk register, evidence, policies, and ongoing audit support so your ISO 27001 program runs itself.

Maven Guarantee

Your purchase is backed by the Maven Guarantee.

Course syllabus

3 live sessions • 13 lessons

Week 1

May 11—May 17

    Speedrun

    3 items

    Overview

    3 items

    Information Security Topics

    4 items

    The compliance and certification process

    3 items

    May

    14

    Session 1

    Thu 5/146:00 PM—9:00 PM (UTC)

Week 2

May 18—May 24

    May

    21

    Session 2

    Thu 5/216:00 PM—9:00 PM (UTC)

Schedule

Live sessions

5-10 hrs / week

    • Thu, May 14

      6:00 PM—9:00 PM (UTC)

    • Thu, May 21

      6:00 PM—9:00 PM (UTC)

    • Thu, May 28

      6:00 PM—9:00 PM (UTC)

Projects

5 hrs / week

Async content

5 hrs / week

Frequently asked questions

Maven for Teams

Reimbursement

Get your company to pay

Everything L&D needs: email template, receipts, and certificate of completion.

Get reimbursed

Private cohort

Run a cohort for your org

A dedicated cohort with a custom schedule and curriculum, tailored to your team.

Book a private cohort