How Tribeca Technology achieved an efficient ISO 27001 audit with ISMS.online and Alcumus ISOQAR

The Challenge

Tribeca is naturally risk-aware, so information security was instinctively high on their agenda. They decided to get ISO 27001 certified to meet client needs and comply with a globally recognised regulation.

Ian Rimmer, Operations Director, Tribeca Technology Limited, said, “We had existing and potential clients who were also asking for the firm to be ISO certified – so we decided to start a project to gain certification.”

Despite Tribeca’s strong IT security background, their team faced the challenge of meeting ISO 27001 requirements with limited resources and expertise. The logical next step was to look for a management platform that could speed up ISO 27001 implementation and help embed strong infosec practices within the organisation.

“Nobody within our business had implemented ISO 27001 in the past. We didn’t want to go down the route of hiring a consultant to run the project as we felt it is important that as a business, we owned the process and were able to truly embed it within the business.”

Ian Rimmer Operations Director, Tribeca Technology Limited

Tribeca also wanted to work with a reputable UKAS accredited certification body, to draw on their extensive knowledge and experience of the certification process to help them achieve their highest potential.

The Solution

Tribeca chose ISMS.online as their trusted management platform, renowned for its simplicity and effectiveness in achieving ISO 27001, and Alcumus ISOQAR, one of the most recognised and respected UKAS accredited certification bodies.

Tribeca discovered that the ISMS.online platform simplifies certification by providing a clear ISMS framework with content, risks, controls, and trackers—all easily linked and mapped within the system.

“ISMS.online was recommended to us, and when we looked at the product offering, we felt it was the perfect fit. It helped us understand the ISO 27001 framework whilst being able to run the project ourselves.”

Ian Rimmer Operations Director, Tribeca Technology Limited

To meet their certification goals, Tribeca approached several UKAS accredited certification bodies based on recommendations from other firms. After careful consideration, Tribeca turned to Alcumus ISOQAR for their expertise in ISO 27001.

Tribeca appreciated the support and personalised attention from Alcumus ISOQAR’s team, the transparency throughout the audit and what to expect at each stage, resulting in a stress-free but thorough audit.

The Result

Together with ISMS.online and Alcumus ISOQAR, Tribeca has seen an enormous uplift in its compliance management and audit efficiency. Thanks to ISMS.online, it took Tribeca six months to build its ISO 27001-compliant ISMS.

For Tribeca, this was incredibly fast, considering how much transformation and effort was required across the entire organisation. Now, their team can go into ISMS.online and understand if their policies and controls are adhered to and, if not, what areas of risks or vulnerabilities need to be addressed and by when.

“ISMS.online is at the centre of our Information Security Management System – it is the tool that we use to assess risks to the business, document controls against those risks and allows us to continue the process of continuous improvement.”

Ian Rimmer Operations Director, Tribeca Technology Limited

Tribeca also found great value in Alcumus ISOQAR’s ability to conduct an efficient audit within ISMS.online. This approach considerably improved communication with their auditor and reduced the manual effort of finding and exporting evidence, enabling Tribeca to facilitate a more thorough audit.

“The stage I and stage II audits went really well. The work we have done within ISMS.online really made the process straightforward. During the stage I audit all of the documentation the auditors needed was available to them in one place and critically – linked together. So, the auditor could view the risks we had identified linked to the relevant assets and controls within the ISO framework.”

Ian Rimmer Operations Director, Tribeca Technology Limited

Tribeca provided auditor access to their ISMS, allowing the audit team to easily navigate through controls and evaluate documented information as evidence. The process was streamlined and straightforward.

“During the stage II audit, we were able to demonstrate the internal audits we had performed and all the collected evidence centrally in one place through ISMS.online,” said Ian.

The ease of use of ISMS.online’s platform proved instrumental in helping Tribeca prepare for ISO 27001 certification in just two months. Thanks to ISMS.online, Tribeca was well-equipped to meet the requirements of ISO 27001 and achieved certification with outstanding feedback.

“The organization’s Information Security Management System within ISMS.online has been thoughtfully designed to ensure that all necessary information is easily accessible whenever needed. This system not only provides immediate access to critical data but also includes all supporting documents in a well-organized manner, making it efficient and user-friendly.”

Peter Boothby Lead Auditor, Alcumus ISOQAR

What’s Next?

Tribeca is already seeing significant efficiencies with the ISMS.online systems and Alcumus ISOQAR’s audit process. The company recently transitioned from the ISO 27001:2013 standard to the new ISO 27001:2022 certification. Their certification with Alcumus ISOQAR helps to establish a strong discipline in data management and provides real confidence throughout the transition to the new standard.

Kellie Collins, Head of Marketing at Alcumus ISOQAR said: “More organisations could benefit from understanding the importance of adopting an Information Security Management System in the way that Tribeca has done. The business’s high standard has set an example that other companies within the sector will hopefully follow. We look forward to continuing to work with Tribeca.”

The success of the ISO 27001 certification has greatly impacted the company’s business, reinforced their industry standing, and expanded its market opportunities. Recently, Tribeca became part of a larger organisation, Abacus Group, which opened up further opportunities for growth.