We practice what we preach

We treat your data as we do our own. And we treat our own very carefully indeed.

We’re ISO 27001 certified

We’re certified by a UKAS-accredited certification body to ISO 27001 through Alliantist, the company behind ISMS.online. You can see our ISO 27001 certificate here. The certification scope covers our:

  • Organisation
  • People
  • Services

Our primary datacentre hosting supplier is based in the UK. It has world class information security measures and certifications in place. As part of our own ISO 27001 certification we make sure that, where necessary, our other suppliers either:

  • Have their own certified ISMS
  • Follow our policies and controls
See how we’ll get you to ISO 27001
Book your demo
fa-bolt

We’re GDPR compliant

We follow the UK Information Commissioner’s Office (ICO) checklists for the General Data Protection Regulations and Data Protection Act 2018. They include 120 activities that make sure we handle personal data responsibly and in accordance with the law. We also follow ISO 27701, which covers privacy information management.

Our GDPR experience is all ready to help you
Find out more

We have Pan Government Accreditation and Public Services Network certification

Alliantist was the only supplier of its type to achieve Pan Government Accreditation to work on early government cloud frameworks. We still hold Public Services Network certification, so we still formally meet those high standards.

We’ve also met the requirements for the HMG Security Policy Framework and its related policies and controls. For example, we run Baseline Personnel Security Standard (BPSS) checks and other vetting on new hires.

We support Single Sign-On

We support Single Sign-On (SSO). We can work with an ever-growing list of identity providers, including Google, Microsoft Azure Active Directory and Okta. It’s simpler and more convenient for users, and much more secure too.

We offer two-factor authentication

We offer two-factor authentication (2FA) for all our customers. Wherever possible, our people use 2FA for the services that help them deliver and support ISMS.online. That adds an extra layer of security to both our platform and our supplier relationships.

We’re penetration tested at least once a year

Our platform and infrastructure undergo a penetration test in line with CHECK testing standards at least once a year. We also run one if there are material changes to either of them. And we’ve been rated A+ by independent SSL inspectors using the Qualsys review process.

We’re cloud secure

We follow the UK National Cyber Security Centre’s Cloud Security Principles. They’re 14 principles that make sure we securely configure and deploy our cloud-based services. That keeps you safe as you use them.

We have many other safeguards

We follow a range of other data protection safeguards, in line with GDPR. Our service includes everything you’d expect from a smart SaaS service with strong security options and great privacy controls at levels of work and access permission management. We’ve detailed them in our Terms and Conditions.

We’re always here for you

We offer in-depth support to all our customers. The exact level of support varies depending on the different packages they choose to buy, but it always involves dealing with actual human beings. To find out more, check out our support policy or just come and meet our support teams.

99.5% up time, usually with 100% reliability

24/7/365 online availability

How we do it

We use our platform to manage our ISO 27001 certification, and show compliance with other standards and regulations.

Make sure you’re infosec secure with an Information Security Management System

Find out more

Protect your organisation’s personal data with a Personal / Privacy Information Management System

Find out more

Keep delivering no matter what with a Business Continuity Management System

Find out more

Bring your management systems together with an Integrated Management System

Find out more

Platform features

Disconnected templates and toolkits supported by an expensive consultant just don’t cut it anymore. You need an ISMS that works for you both now and as your business grows.

Policies & Controls Management

Easily collaborate, create and show you are on top of your documentation at all times

Risk Management

Effortlessly address threats & opportunities and dynamically report on performance

Measurement & Automated Reporting

Make better decisions and show you are in control with dashboards, KPIs and related reporting

Audits, Actions & Reviews

Reduce the effort and make light work of corrective actions, improvements, audits and management reviews

Mapping & Linking Work

Shine a light on critical relationships and elegantly link areas such as assets, risks, controls and suppliers

Interested Party Management

Visually map and manage interested parties to ensure their needs are clearly addressed

Documented Procedures

Simply document, easily control and publish your procedures to ensure stakeholders follow them

Other Standards & Regulations

Neatly add in other areas of compliance affecting your organisation to achieve even more for less

Staff Awareness & Compliance Assurance

Engage staff, suppliers and others with dynamic end-to-end compliance at all times

Supply Chain Management

Manage due diligence, contracts, contacts and relationships over their lifecycle

User Management & Permissions

Practical permissions with low cost plans for more regular and occasional users

Privacy & Security

Strong privacy by design and security controls to match your needs & expectations
See ISMS.online in action

Simple and easy to use | Comprehensive in scope | Affordable and lower cost than alternatives

Book your free demo today