The Challenge for Boomerang
Boomerang was initially unfamiliar with ISO 27001 and exactly what would be involved in the route to certification.
As an SME with its resources focused on the day-to-day operation of the business, it was clear that whatever path it followed must be easy to use and be flexible enough to change as the company grew.
The ISMS.online Solution
The ISMS.online package for small businesses was perfect for an organisation like Boomerang.
It combined the platform for information security management with actionable policies that it could adopt straight out of the box to give it a big head start.
This, combined with additional implementation support, means that Boomerang is staying focused and on track with the really practical guidance that we’ve made available.
Boomerang’s stage 2 audit went very well and they have received ISO 27001 certification.
Andy Allen of Boomerang said: “the Auditor was really impressed with ISMS.online and said it made it very easy to Audit.”
That’s why ISMS.online created a specific package to help organisations like Boomerang achieve their goals cost-effectively.
Many smaller organisations rule out Information Security Management System.as it is often seen as a costly and time-consuming option. And yet in doing so, they limit their ability to win valuable business that requires their supply chain to demonstrate compliance with their
Boomerang Messaging provides automated digital communications over SMS, and voice, enabling management of time-critical alerts and notifications. Boomerang works with a range of customers and recognises the importance of demonstrating its information security credentials to them.
As such it embarked on the route to information security management system (ISMS). Having had a good look around at the various options, Boomerang quickly realised that ISMS.online was a clear choice.: 2013, aiming for independent UKAS certification for its
“You wouldn’t try and emulate Microsoft Office so why try and build our own solution to manage the ISMS if others could do the job.
It’s more than just great cloud software with everything we need for our ISMS in one place. The team behind it invested their time into understanding our business and our goals and put together a package of remote adoption support.”
“We are delighted to have helped Boomerang achieve its Information Security is clearly growing in importance for all businesses in the supply chain but until now its been almost impossible for smaller organisations to get these credentials, ruling them out of winning new business.certification.
ISMS.online puts affordable and trusted information security practices within the reach of all organisations, from the smallest micro-business through to global enterprises and large supply chains.”
What’s next for Boomerang and ISMS.online
Following their ISO 27001 certification Boomerang have started implementing further controls around business continuity with ISO 22301 BCMS. They recognise continuity of the broader business operation goes beyond ISO 27001 Annex A 17, and its importance to their customers. ISO 22301 is a welcome addition to Boomerang’s Information Security Management, and although it won’t increase their work load by much, it will help their business stand head and shoulders above the rest. Being proactive regarding business continuity will be exactly what their customers are looking for given the current COVID-19 pandemic.
As an extension of their ISO 27001, Boomerang are looking at ISO 27701:2019 for privacy information management increasing due diligence around personal data.