Boomerang achieves a cost-effective ISO 27001 success with ISMS.online

Achieving ISO 27001
IT & Services
Small Business

The Challenge

Boomerang was initially unfamiliar with ISO 27001 and exactly what would be involved in the route to certification. As an SME with its resources focused on the day-to-day operation of the business, it was clear that whatever path it followed must be easy to use and flexible enough to change as the company grew.

“You wouldn’t try and emulate Microsoft Office so why try and build our own solution to manage the ISMS if others could do the job.”
Andy Allen Operations Director, Boomerang

The Solution

Boomerang embarked on the route to ISO 27001, aiming for independent UKAS certification for its information security management system (ISMS). Having had a good look around at the various options, Boomerang quickly realised that ISMS.online was a clear choice.
The ISMS.online package for small businesses was perfect for an organisation like Boomerang. It combined the platform for information security management with actionable policies that it could adopt straight out of the box to give it a big head start. This, combined with additional implementation support, meant that the Boomerang team stayed focused and on track with the really practical guidance we provided.

“The ISMS.online team invested their time into understanding our business and our goals and put together a package of remote adoption support.”
Andy Allen Operations Director, Boomerang

It’s more than just a great cloud software with everything we need for our ISMS in one place.

Andy Allen, Operations Director, Boomerang

The Result

Boomerang’s stage 2 audit went very well and they have received ISO 27001 certification. Andy Allen of Boomerang said:

“The Auditor was really impressed with ISMS.online and said it made it very easy to audit.”
Andy Allen Operations Director, Boomerang

Boomerang is the perfect example of why the ISMS.online team created a specific package to help smaller organisations achieve their goals cost-effectively. Many smaller organisations rule out ISO 27001 as it is often seen as a costly and time-consuming option. And yet in doing so, they limit their ability to win valuable business that requires their supply chain to demonstrate compliance with their Information Security Management System.

“We are delighted to have helped Boomerang achieve its ISO 27001 certification. Information security is clearly growing in importance for all businesses in the supply chain but until now its been almost impossible for smaller organisations to get these credentials, ruling them out of winning new business.
ISMS.online puts affordable and trusted information security practices within the reach of all organisations, from the smallest business through to global enterprises and large supply chains.”
Mark Darby CEO, ISMS.online

What’s Next?

Following their ISO 27001 certification Boomerang have started implementing further controls around business continuity with ISO 22301 BCMS. They recognise continuity of the broader business operation goes beyond ISO 27001 Annex A 17, and its importance to their customers. ISO 22301 is a welcome addition to Boomerang’s Information Security Management, and although it won’t increase their work load by much, it will help their business stand head and shoulders above the rest. Being proactive regarding business continuity will be exactly what their customers are looking for given the current COVID-19 pandemic.
In addition, and as an extension of their ISO 27001, Boomerang are also looking at ISO 27701:2019 for privacy information management increasing due diligence around personal data.

Want results like this?

100% of our users achieve ISO 27001 certification first time. Start your journey today

See how we can help

ISMS.online now supports ISO 42001 - the world's first AI Management System. Click to find out more