Accelerating Renalytix AI to ISO 27001 certification

US-based Renalytix AI is an artificial intelligence-enabled in vitro diagnostics company. It focuses on optimizing clinical management of kidney disease to drive improved patient outcomes and lower healthcare costs. That means it handles some very sensitive medical data.

ISO 27001 certification was a must have for the company.

As a truly global infosec standard, it’s a highly effective way of creating infosec certainty. But creating an ISO 27001-ready information security management system is a big challenge. The standard’s written in a very open-ended way, so it can be hard for organisations to work out how to apply it to their unique structures and needs.The certification process can be complex and time-consuming, with no guarantee of first-time success.

That was the challenge Renalytix AI’s infosec team faced. They’d already started developing their ISMS. But they weren’t confident that they’d fully understood the standard and its requirements. And they weren’t sure how to steer a clear path to first time certification.So they came to us.

Renalytix AI needed to work quickly and effectively towards full certification.

And its infosec team wanted to make sure they really understood ISO 27001. So they started looking for an all-in-one-place ISMS solution with helpful content and flexible, expert support.

Renalytix AI signed up for our Virtual Coach, which offers 24/7, context-specific help and support. Our Adopt / Adapt / Add content took the team 77% of the way to ISMS completion from their very first log-in. And the Assured Results Method guided them all the way through ISMS implementation and certification to first-time ISO 27001 success.

In addition, our ISO 27001 and ISMS experts stood ready to help with the Renalytix AI team’s specific challenges. We began by carrying out an internal audit of their ISMS which helped them to simplify their approach to risk mapping and management, strengthen the language of their ISMS and avoid duplication of effort across its infosec policies and controls.

Renalytix AI enjoyed a very successful Stage 1 external audit of their ISMS.

With our team by their side, they went through their second and final external ISO 27001 audit. News that they had achieved full certification arrived shortly afterwards.

Renalytix AI is now looking to maintain its current certification over the three year lifecycle and beyond.

They consider expanding its ISMS to cover other standards or regulations.Because the infosec team built their ISMS on our platform, it’s already set up for all the internal and external maintenance audits the ISO 27001 standard requires. And because our platform’s so flexible, they’ll be able to reuse any relevant ISMS work to go for other standards or show compliance with other regulations.If you’d like us to help you with your ISO 27001 project then book a demo today.