Accelerating REPL to ISO 27001

REPL Group became an customer in March 2020. With the help of the platform, its three person ISMS implementation team achieved ISO 27001 certification by October 2020. Following on from this success, REPL Group are now using the platform to manage their GDPR compliance.

REPL Group is a UK-based business that offers world-leading workforce management, supply chain, customer experience and enterprise systems consultancy and technology. Founded in 2007, it has now grown to more than 400 people and was recently acquired by Accenture. Now, hundreds of businesses around the world rely on REPL Group to solve critical enterprise problems.

REPL’s driven by doing the right thing for its customers, team and the world at large. So information security and privacy is very important to it. Its risk and compliance people had been using our information resources to research ISO 27001 certification. So they were very aware that the standard could bring very real infosec and broader business benefits.

“It was only right that we measured ourselves against this industry recognised standard. We use the framework it provides to ensure we continuously improve our appreciation and implementation of good security practice.” Andy Loakes, Risk and Compliance Director, REPL

Why REPL chose

REPL chose because of our platform’s depth, breadth and flexibility. It gave its risk and compliance team an all-in-one-place information security management solution. And in the longer term it could help the team manage its GDPR compliance too.

When REPL came to us they had already started on their certification journey, however they weren’t quite sure of the best way forwards. They’d done some work with external consultants and taken some internal steps, but realised they needed a more focused, holistic approach.

Thanks to the extensive information resources we provide, they already had a sense of how we could help. Their initial focus was on our Information Asset Inventory, but they quickly realised how much more our platform could do. And because we offer a SaaS solution with a simple pricing model, procurement was quick and easy.

“ was the only tool we found that hit the sweet spot of providing a comprehensive and proven ISMS, ‘out of the box’, at a reasonable price for a mid-sized organisation. And unlike many other solutions, a complete ISMS and data privacy solution were integrated well in one package.”

How we accelerated REPL to ISO 27001

When you sign up for, everything’s ready to go right out of the box. This meant that the REPL team were able to get stuck straight into our Assured Results Method, which guides our customers all the way to first time compliance or certification.

They drew on our Adopt / Adapt / Add content, policies and controls as they went. Our ISMS comes preloaded, and starts you off with 77% of your ISMS policies and controls already complete. You just adopt the content that works for you. And of course it’s easy to adapt or add to, to tailor it to your organisation’s unique needs and circumstances.

“The tool comes ready to use without the need for extensive configuration. Better still, it provides a number of frameworks, guides (video as well as text) and prepopulated lists (e.g. a risk register) that get you quickly up and running.”

And of course they used our other bespoke ISMS development tools and frameworks too. We stayed close to them through our support team, who were always there to answer any questions and help with any challenges.

“It was the support team that really stood out to us. They are friendly, responsive, and effective. It’s first class support, they don’t just answer the question. They go the extra mile”

What’s next for REPL

REPL are planning ahead, working out how they’re going to manage their ISO 27001 certification through its three year life cycle and beyond. We’re talking to them about how our platform can help them with their ISMS management reviews, internal and external audits, and health checks. And of course they’re now using our platform to manage their GDPR compliance as well.

“REPL Group would recommend without hesitation. The whole experience with both the tool and the team has been a real pleasure. is seen as ‘one of the team’ here in REPL Risk and Compliance.”

Everyone we helped go for an ISO 27001 audit passed first time. You could too.