How McConnell Jones excels through multiple ISO certifications with ISMS.online and A-LIGN

The Challenge

McConnell Jones aimed to achieve compliance with ISO 27001 (Information Security Management), ISO 27701 (Privacy Information Management), and the NIST cybersecurity framework. The firm sought a simpler approach to managing compliance with multiple standards, allowing the team to address the overlapping requirements efficiently, avoid redundant efforts, and maintain clarity on tasks specific to each standard.

“We were looking for a cost-effective and a user-friendly solution for our ISO certifications,” said Chris Williamson, Chief Information Security Officer at McConnell Jones.

The next step was to select a reliable auditing partner to validate compliance and issue certifications. With limited internal resources for managing such a substantial project, McConnell Jones required tools and expertise that would help them balance these rigorous compliance demands without disrupting day-to-day work.

“We looked for an auditor that is willing to answer questions and provide insight across different compliance frameworks. We wanted to partner with an auditor whose values and auditing approach aligns with the way we would audit our own clients.”

The Solution

McConnell Jones adopted ISMS.online, a cloud-based solution that can assist companies to implement an ISMS and work towards ISO 27001 compliance. The platform provided a centralised system that McConnell Jones implemented to manage all aspects of their ISMS, including policies, risk management, and audits. ISMS.online’s pre-configured templates and guided workflows assisted during the implementation, while also allowing the team to easily map controls across ISO 27001, ISO 27701, and NIST frameworks.

“The templates that were provided for the policies and controls significantly reduced the time it took to write our new policies. The Virtual Coach helped a lot as ISO was a new area for us. The guidance that it provided made it easy for us to transition from NIST to ISO.”

Chris Williamson, CISA, CDPSE Chief Information Security Officer, McConnell Jones

ISMS.online’s real-time collaboration features and audit tools further facilitated the certification process. The platform empowered McConnell Jones’ teams to work together in developing policies, conducting internal reviews, and ensuring that all stakeholders were involved.

“Having a system purpose built for ISO compliance has been great. Without ISMS.online, I do not think we would be able to achieve and maintain our certifications with two people that we have managing the project,” said Chris.

McConnell Jones also partnered with A-LIGN to perform the certification audit. A-LIGN’s in-depth expertise in certification requirements. combined with their unwavering support throughout the process, resulted in a seamless audit experience.

The Result

With the combined capabilities of ISMS.online and A-LIGN, McConnell Jones successfully achieved certifications for ISO 27001, ISO 27701, and compliance with the NIST Cybersecurity Framework. The ISMS.online platform reduced implementation complexity and saved time, enabling the firm to complete the process more efficiently than traditional methods.

“The platform has greatly improved our efficiency. We have also had great improvements in the collection of evidence since 90% of it comes from ISMS.online.”

Chris Williamson, CISA, CDPSE Chief Information Security Officer, McConnell Jones

A-LIGN’s expertise provided assurance that McConnell Jones’ security and privacy measures met global standards. With ISMS.online and A-LIGN having pre-existing partnership, McConnell Jones benefited from the efficiencies that come from both firms working in close unison and the streamlined processes that have been developed.

“All of the auditors that have used or observed the use of ISMS.online have been very impressed with the platform. They have been able to find any documentation that they need relatively quickly and with minimal instruction on the use of the platform.”

Chris Williamson, CISA, CDPSE Chief Information Security Officer, McConnell Jones

What’s Next?

Building on its success, McConnell Jones plans to continuously improve its ISMS and ensure ongoing compliance. The firm is committed to leveraging ISMS.online to monitor risks, update policies, and maintain its certifications. Regular internal audits and employee training will remain a priority to ensure that the company stays ahead of emerging threats.

Organisations seeking to achieve similar results can look to McConnell Jones as a blueprint for success, leveraging tools like ISMS.online and trusted audit partners like A-LIGN to navigate the path to compliance.

“ISO 27001 and ISO 27701 certifications are widely recognised signals of trust and security. It’s great to work with organisations like McConnell Jones who understand the value of expertise in driving an efficient audit and the importance of a high-quality final report.”

Steve Simmons Chief Operating Officer, A-LIGN

If you would like results like this then get in touch with us today to see how we can help your business.

About A-LIGN

A-LIGN is the leading provider of high-quality, efficient cybersecurity compliance programs. Combining experienced auditors and audit management technology, A-LIGN provides the widest breadth and depth of services including SOC 2, ISO 27001, HITRUST, FedRAMP, and PCI. A-LIGN is the number one issuer of SOC 2 and HITRUST and a top three FedRAMP assessor. For more information, visit a-lign.com.