Chill Compliance ISO 27001 frequently asked questions page banner

FAQ

Chill Compliance FAQ – ISO/IEC 27001 & ISMS Resources

Access Chill Compliance’s ISO/IEC 27001 and ISMS resources – comprising logically structured, downloadable, editable frameworks designed for efficient self-service implementation. Created for SMEs, startups, and small businesses, these resources support preparation of ISO/IEC 27001 documentation, assist internal adoption, and help strengthen your organisation’s compliance processes.

Browse our ISO 27001 and ISMS Resource Collection.

Understanding Chill Compliance

What is Chill Compliance and its ISO 27001 resources?

Chill Compliance provides downloadable digital resources designed and developed by a practitioner with hands-on ISO 27001 and ISMS experience. Our resources support self-service implementation, helping teams structure ISO 27001 documentation efficiently while aiming to maintain alignment with recognised standards and real-world audit practices.

Currently, we focus on Information Security (ISO 27001 and ISMS documentation).

Learn more on our About Us page.

Do you provide legal, regulatory, or compliance advice or consultancy?

No. Our resources are informational tools that provide structured frameworks for documentation. However, we are not your lawyers, advisers, or consultants, and we do not provide advice tailored to your specific business, regulatory, or legal obligations.

Resource vs professional advice – what’s the difference?

Resource: Logically structured, ready-to-edit, frameworks (including core documents and guidance notes) for ISO 27001 and ISMS setup.
Professional advice or consultancy: Personalised guidance specific to your business and compliance obligations.

We empower self-service adoption without providing personalised advisory or consultancy services. Note that our resources are not a substitute for professional legal, audit, or consultancy services.

Can you create custom resources or provide customisation services?

Not currently. Our resources are designed for easy self-service internal customisation, giving your team full control over how they implement their ISMS.

Our Editable ISO 27001 & ISMS Resources

Are your resources suitable for my business, industry, or country?

Our resources follow ISO/IEC 27001:2022 guidelines and widely accepted ISMS practices. They are designed as general frameworks suitable for a variety of organisations. Since they are not jurisdiction-specific or industry-specific, you should verify any local legal, statutory, or regulatory requirements with your own legal or compliance team to ensure full alignment.

Do your resources guarantee compliance or ISO 27001 certification?

No. These resources do not guarantee regulatory compliance or certification. Achievement of certification depends entirely on your organisation’s implementation, operation, and ongoing maintenance of your ISMS.

Our resources are designed by an experienced practitioner to follow ISO/IEC 27001:2022 clauses and ISMS framework principles. They are designed to help structure documentation in a way that aligns with audit expectations and common best practices, reducing time spent on drafting and supporting the creation of traceable ISMS artefacts.

Browse our ISO 27001 resources to support your ISMS documentation efforts.

Will my auditor accept these resources?

Audit acceptance depends on your organisation’s implementation, operation, and maintenance of your ISMS. These resources are designed to be practitioner-led and logically structured, supporting clause alignment and traceability, while providing a framework that auditors commonly expect. Proper tailoring and internal adoption are required to meet your auditor’s specific criteria and demonstrate that the ISMS is functioning within your business.

Who develops your resources?

Our resources are developed by our founder, an experienced ISO 27001 practitioner with hands-on information security and ISMS implementation experience. Our approach incorporates real-world audit insights, designing resources for clarity, traceability, and practical application.

For details on our founder's experience, see our About Us page.

How current are your resources?

We review our resources periodically to align with the ISO/IEC 27001:2022 standard and evolving ISMS best practices. When significant updates are made to the core framework, we aim to reflect these in our available resources so that they continue to serve as a practical starting point for your compliance journey.

Will I receive updates for the resources after purchase?

Each purchase includes the version of the resources available at the time of sale. While minor corrections or clarifications may be provided at our sole discretion, major revisions (such as those following significant changes to the ISO standard) are generally released as new resources and require a separate purchase.

Do the resources include guidance notes?

Yes. Each resource includes detailed Guidance Notes developed by an experienced compliance practitioner. These notes explain how to customise and implement the content, highlight common considerations, and show how artefacts link across your ISMS. This practitioner-led guidance is designed to support your team in maintaining ISO/IEC 27001 alignment and documentation consistency.

Explore the ISO 27001 collection to browse all available resources.

Do I need specialist experience to use these resources?

While these resources are designed for practical, self-service use, a basic familiarity with information security concepts is recommended. The resources and Guidance Notes are structured to be accessible to non-specialists, helping teams align their documentation with ISO/IEC 27001 requirements. However, successful implementation still requires a committed internal effort to tailor the content to your specific business operations.

In what languages are your resources available?

Currently, our resources are provided in English only. Additional languages may be added in future releases.

Purchasing Resources & Payment

What payment methods are accepted?

We accept Visa, Mastercard, American Express, UnionPay debit and credit cards, as well as digital payment options Apple Pay, Google Pay, and Shop Pay. All transactions are processed via PCI-compliant payment gateways.

Is this a subscription or recurring payment?

No. All purchases on Chill Compliance are one-time payments for digital resources. There are no subscriptions, recurring charges, or automatic renewals.

Are taxes included in prices?

Prices listed generally exclude applicable taxes, which will be calculated and added at checkout based on your billing location. Customers are responsible for any local taxes that may apply to their purchase.

Is my payment information secure?

Yes. All transactions are encrypted and comply with PCI DSS standards. Chill Compliance does not store your full card details. Your payment information is handled securely by Shopify Payments.

Digital Resource Delivery & Troubleshooting

How do I access my resources after purchase?

Download links appear immediately on the order confirmation page, are sent via email (from hello@chillcompliance.com), and in your customer account. Please check your spam or junk folders if the email is not received.

All products are digital – see our Delivery Policy for further details.

Are there download limits or restrictions on using multiple devices?

Yes, you can use your resources across multiple devices. Once purchased, resources can be downloaded and used on any of your compatible devices. While we do not enforce a strict download limit on the number of download attempts, we strongly recommend saving backups of all purchased resources promptly to your own storage to prevent accidental loss.

I lost my resource – what should I do?

First, search your email and customer account for the original download link. If it is missing, contact hello@chillcompliance.com with your order number and email address used for your purchase. Once verified, we will assist in restoring your access.

Please see our Delivery Policy for further information regarding delivery and access.

What software is required?

Our resources are primarily designed for Microsoft Office to support full functionality and formatting.

Editable Formats (DOCX, XLSX, PPTX): Compatible with Microsoft Office (Recommended), Google Workspace, and Apple iWork.
Static Formats (PDF): Compatible with Adobe Reader (Recommended) or any modern web browser.

All resources are delivered in a ZIP file. For bundled resources, this master ZIP file may contain individual ZIP files for each separate resource. You will need a standard unzipping utility (built-in to most Windows and Mac computers) to access the files.

What if I cannot open a resource file?

First, try re-downloading the resource and ensuring your software is up to date. If the issue persists, please contact hello@chillcompliance.com with your order number, email address used for purchase, and a brief description of the problem. We aim to respond to all delivery and access inquiries within 1 business day.

Refunds & Support

What is your refund policy?

Due to the nature of instant digital delivery, all resources are non-refundable. It is your responsibility to ensure resources are suitable for your specific operational, technical, compliance, and legal needs prior to purchase. However, we offer replacement or refund for resources with verified errors or material defects, as outlined below under “What if a resource has an error?”.

For full details, see our Refund Policy.

What if I bought the wrong resource or changed my mind?

Digital resources are delivered immediately upon payment. Instant access to these files means that changes or cancellations are generally not possible. It is your responsibility to ensure the resources are suitable for your specific needs prior to purchase. While we do not offer refunds for “change of mind”, minor corrections to a purchased resource may be provided at our sole discretion. See our Refund Policy for details.

What if a resource has an error or does not match the description?

If you find an error, inconsistency, or other material defect in your resource, please report it to us at hello@chillcompliance.com. Please include your order number, email address used for purchase, a description of the issue, and any supporting evidence (e.g. screenshots). We will verify the report against our stated resource descriptions and specific version of the resource purchased. For verified material errors, we may provide a corrected file, a replacement, or a refund at our sole discretion, as outlined in our Refund Policy.

How fast do you reply to support requests?

Delivery and access issues (e.g. missing or corrupted files) are usually responded to within 1 business day. General support requests, such as resource guidance or error verification, are typically responded to within 5 business days.

Usage & Licensing

Can I share resources with others?

No. Each purchase grants a limited, non-transferable license for internal use only (by the purchasing legal entity or individual). Sharing, reselling, or distributing the resources – including with clients, contractors, or other third parties – is strictly prohibited. If you are a consultant, your clients must purchase their own separate licenses.

See our Terms of Service for details.

Can I use resources for multiple clients or businesses I work with?

No. Each license applies to one legal entity or individual. If you provide consultancy services, your clients must purchase their own licensed copy directly to ensure they hold a valid, separate license for the material.

Can I modify the resources?

Yes. You can edit the resources to suit your organisation’s specific needs. While you own any original content you add, the underlying resource content, structure, and concepts remain the exclusive intellectual property of Chill Compliance. Creating a modified version does not grant you ownership of the core resource, and you may not resell, distribute, or pass off the modified version – in whole or in part – as your own original work. This is standard practice in professional licensing.

What happens if I change jobs?

Licenses do not transfer automatically. Individual-use licenses remain with the purchasing individual. Licenses purchased by a company belong to that legal entity and cannot be transferred to another employer or third party.

Can I use the resources for multiple internal projects?

Yes. As long as the projects belong to the same purchasing legal entity or individual, you can use the resources across multiple internal initiatives. However, using the resources for the benefit of other distinct legal entities (such as clients, subsidiaries, or separate businesses) is strictly prohibited and requires separate licenses.

Do I keep the resources forever after purchase?

You can keep and reuse the resources you download for your business. Your purchase grants a non-transferable, perpetual license for internal business or professional use of the specific version you purchased (subject to Terms of Service).

Future updates or new editions may be released separately and are not automatically included. We strongly recommend you download and save your resources promptly after purchase. While your license to use the specific version you bought does not expire, Chill Compliance does not provide indefinite hosting or permanent access via download links; you are responsible for maintaining your own backup copies.

I suspect unauthorised use – what should I do?

Please report any suspected breaches, reselling, unauthorised distribution, or “passing off” of our materials to legal@chillcompliance.com.

We take the protection of our intellectual property seriously to maintain the quality and integrity of our resources for all legitimate license holders. We review all reports and reserve the right to take the necessary steps to protect our users and our intellectual property.

General Inquiries & Contact

Can I suggest new resources?

Yes. We welcome your ideas. Submit your suggestions via the Contact Us page or email hello@chillcompliance.com.

While we cannot promise to develop every suggestion, user feedback is a primary driver for our new releases. Please note that by sharing your ideas, you agree that Chill Compliance may develop these resources without any obligation or compensation (as outlined in our Terms of Service).

Are new compliance categories planned?

Yes. We intend to expand our library in the future. Categories under consideration include Data Protection, Data Privacy, Business Continuity, and Disaster Recovery. Check back regularly or follow our updates to see when new resources become available.

How can I contact Chill Compliance?

You can reach us via the following channels:

General Inquiries: Use our Contact Us page, email hello@chillcompliance.com, or call us at +65 8085 8328.
Legal & Intellectual Property: For matters relating to our Terms of Service or intellectual property reports, email legal@chillcompliance.com.
Privacy & Data Protection: To reach our Data Protection Officer regarding our Privacy Policy or your personal data, email dpo@chillcompliance.com.

We strive to respond to all inquiries as promptly as possible during standard business hours.

Are you affiliated with ISO or any certification bodies?

No. Chill Compliance is an independent provider of professional resources. We are not affiliated with, endorsed by, or an accredited partner of the International Organization for Standardization (ISO) or any third-party certification bodies.

Our resources are designed to help you align with international standards, but official certification must be sought through an independent, accredited registrar. “ISO” is a registered trademark of the International Organization for Standardization.

Still have questions?

We’re here to help. If you couldn't find the answers you need or require more information about our resources, please reach out. We are ready to assist you.