Dubber achieves global ISO 27001 certification using ISMS.online

The Challenge

Like many other organisations, Dubber’s decision to undertake ISO 27001 was commercially driven. With customers increasingly demanding security assurances, ISO 27001 would further endorse its global excellence and underline its commitment to protecting customer data and information assets.

When Dubber approached ISMS.online it had already started the process of achieving ISO 27001 certification and, due to commercial imperatives, had set themselves an ambitious target for reaching Stage 1 within a month and Stage 2 within a further 5 months.

The scope of the ISMS covered three international sites, with the implementation project and certification being led from Australia. Whilst timing was a challenge, Dubber also needed to demonstrate that its three sites, working in three time zones, were fully engaged with the process but without interrupting ‘business as usual’.

Leading the implementation for Dubber, Franchere Chan commented: “We initially worked with a consultancy to give us some early direction but it soon became apparent we needed a less rudimentary way to manage everything. As a technology provider, manual processes for the mass of documents, spreadsheets, and email exchanges for team contributions and reminders was simply too unwieldy.”

“We needed one centralised solution to help us streamline our implementation and ensure everything was in place to easily support the ISO audit processes. However, it was equally important that we had a solution that would enable us to maintain our ISMS without it becoming burdensome or labour intensive.”

Franchere Chan Implementation Lead, Dubber

The Solution

Dubber quickly identified that in ISMS.online they had a ‘one-stop-shop’ for their complete ISMS.

Franchere said: “We didn’t want to waste time building complex spreadsheets and folder structures which still left gaps in how and where to maintain the required evidence on an ongoing basis.
We wanted one secure place to manage it from.”

“ISMS.online gave us the structured frameworks, workspaces and tools, all provided pre-configured straight out of the box allowing us to get started straight away.”

Franchere Chan Implementation Lead, Dubber

Dubber found that the ability to join up the complete ISMS, in particular, mapping risks to multiple controls where they could dynamically update the Statement of Applicability (SoA), also saved them significant time.

The Result

Dubber achieved its ISO 27001 certification goal and now has an ISMS which enables business as usual and supports its continued growth.

“ISMS.online was so simple and intuitive to use and has reduced the ongoing resources needed to manage our ISMS. We’re now exploring other related use cases for the platform too.”

Franchere Chan Implementation Lead, Dubber

The team at Dubber also appreciated the ability to capture internal discussions, assigning and tasking all securely online,

“The accountability and visibility ISMS.online enables is invaluable. We wanted our ISMS to be a living and breathing system that the whole organisation engaged with and committed to. ISMS.online has enabled us to achieve just that.”

Franchere Chan Implementation Lead, Dubber

We asked Dubber how ISMS.online helped when it came to their certification audit,

“The auditor really liked the easy to follow structure and it gave him great confidence in how seriously we are taking our ISMS.”

Franchere Chan Implementation Lead, Dubber

Franchere added: “While we had an understanding of the technical requirements of ISO 27001, it was ISMS.online that helped to bring it all alive quickly with structure and pre-built tools that enabled us to embed the ISMS across our international sites.”

ISMS.online does the heavy-lifting to give organisations a great head start in their implementation whilst the collaboration features make it simple to work across disparate teams as they build the ISMS that works for them.

This, coupled with Dubber’s commitment and focus, drove their early ISO 27001 success which acts as an endorsement of its commitment to information security.