Helping Aperian Global with ISO 27001, ISO 27701 and GDPR

Aperian Global provides organisations with scalable, blended solutions that enable employees to work effectively across boundaries, whatever those boundaries may be. They help their clients accelerate the development of global leaders and increase productivity for diverse teams, employees relocating abroad, and groups involved in mergers and acquisitions.

“With less than a hundred employees and a limited budget, our company is a lean provider of cloud-based services. Despite our relatively small size, we have a global presence of consulting and training professionals who incorporate our web technologies around the world.” Vivian Kroner, ISO 27001, 27701 and GDPR lead implementer, Aperian Global

Aperian Global gathers a lot of information about the organisations and people it works with, so information security and privacy management is very important to them.

Vivian and her team first came to us for help upgrading Aperian’s ISMS to:

With the recent development of the ISO 27701 privacy extension to ISO 27001, Aperian realized the strategic advantage of this additional certification.

“Our Fortune 500 clients have been demanding more and more privacy and security documentation. It made sense to obtain a universal privacy standard certification like ISO 27701 rather than going through each client’s internal supplier requirements. Significant business was on the line for us.”

So now in addition to information security and GDPR, Aperian Global also had to create a Privacy Information Management System and achieve ISO 27701 certification. Fortunately with that was no problem.

“From signature to accreditation, it took us roughly two months to achieve ISO 27701 as an add-on to our existing ISO 27001 certification.”

Working with has had a transformative impact on Aperian Global:

“We wholeheartedly recommend in general and their ISMS and PIMS specifically. The platform has changed how we work and has enabled us to achieve certification to standards within a very reasonable period of time.

Each section ties together and we are able to use this one platform to house all aspects of our security and compliance documentation. Moreover, clients who have requested specific policies have been very impressed with the level of detail we are able to demonstrate thanks to the platform’s thoughtful Adopt / Adapt / Add templates.”

Why Aperian Global chose us

At the start of the project, Aperian Global’s compliance team had experience with GDPR and information security management. In fact. they already had a basic ISMS up and running.

“We had worked through various approaches to understand what was required and then to cobble together the GDPR readiness documentation needed. We initially utilized various Google spreadsheets and templated documents, which were hard to edit for our specific use, not easy to maintain and difficult to track who was responsible for what, due dates and policy changes.”

But they were new to the world of ISO 27001.

“Initially daunted by the prospect of implementing the ISO 27001 standard, we discovered the platform which had saved the day for other similarly situated companies. After looking at the tool, we decided to proceed. In retrospect, this was the best call we could have made.”

In addition to our powerful ISMS platform, the Aperian team also opted to take on some additional functionality including:

  • Virtual Coach, which offers context-specific ISO 27001 help and support
  • GDPR add-on pack, which gives specific regulatory guidance
  • Policy Packs, which make sure people comply with any controls that apply to them

How we accelerated Aperian Global to ISO 27001, GDPR compliance, and ISO 27701

Our platform gives its users a very practical introduction to ISO 27001.

“Echoing the structure of the actual standard, the system can seem overwhelming at first. Thankfully, the makers of take the novice user by the hand, and through their topic-specific Virtual Coach videos walk you through the what, why, and hows of each detail.

We soon discovered the genius of this method. All the policies, documents, and supporting materials are linked in the system, so that we didn’t have to figure out all the connections on our own. Where needed, we could easily customize the system to fit specific situations. But overall, we were able to put our trust in the system and with steady work and relying on its guidance were able to make progress in line with the timeframe we had set out.

Having nearly completed all aspects of the system, including the Clauses, Annexes, Risk Registers, Tracks, and Accounts, plus GDPR compliance, we were able to fly through our Stage One audit with only a few suggestions.”

That was just for starters.

When the implementation team realised they needed ISO 27701 too, our privacy experts came onboard. We helped them create Aperian’s PIMS (Privacy Information Management System), building it as part of a single integrated management system that also included their ISMS. This way they could draw on ISO 27001 and GDPR work they had already done, accelerating their progress to ISO 27701 certification.

“We appreciate the 27701 PIMS platform integration with the 27001 ISMS and its intelligent organization, the reminders, to-dos, easy linking, tracks for processing activities, and so much more. It is a fabulous system, and once you wrap your mind around how it is set up, it becomes very easy to use.”

Supporting Aperian Global through a particularly challenging moment

We pride ourselves on helping our customers with any challenge that comes up. At one point, just before their Stage 1 ISO 27001 audit, the Aperian Global team faced a very big challenge indeed.

We’ll let them tell the story:

“We subjected the system to the ultimate stress test when we accidentally deleted a good portion of our work just between the Stage 1 and Stage 2 audits.’s engineers and tech support were on the job like bees in a hive, working tirelessly and around the clock to help us recover our content in record time.”

With all the lost work recovered, Aperian Global made it through the audit with flying colours.

“Our experience illustrates the true value of working with While the system itself is thoughtfully designed and engineered, the skill and dedication of the people behind it is truly outstanding. Being in the cloud services business ourselves, we can’t think of any company whose delivery of service and support can hold a candle to”

What’s next for Aperian Global

Aperian Global has signed up with us for the full three-year life of their ISO 27001 and 27701 certifications. Our platform will help them maintain, improve and evolve their integrated ISMS and PIMS. They’ll be all ready for recertification when the time comes. And like always, we’ll be there to help them.

“By now, we are repeat customers, first for the ISMS to achieve our ISO 27001 certification and then for the PIMS to achieve certification to ISO 27701. Without exception, the staff at Alliantist have been wonderful. Attentive, knowledgeable, and patient, they readily answer our questions and take into consideration our requests for product changes or improvements.”

Everyone we helped go for an ISO 27001 audit passed first time. You could too.