REPL Group signed up with us in March 2020. Its three person ISMS implementation team achieved ISO 27001 certification by October 2020. They’re also using our platform to manage its GDPR compliance.
REPL’s a UK-based business that offers world-leading workforce management, supply chain, customer experience and enterprise systems consultancy and tech. Since it began in 2007, it’s grown to employ more than 400 people and was recently acquired by Accenture. Now, hundreds of businesses around the world rely on it to solve critical enterprise problems.
REPL’s driven by doing the right thing for its customers, team and the world at large. So information security and privacy is very important to it. Its risk and compliance people had been using our information resources to research ISO 27001 certification. So they were very aware that the standard could bring very real infosec and broader business benefits.
“It was only right that we measured ourselves against this industry recognised standard. We used the framework it provides to ensure we continuously improve our appreciation and implementation of good security practice.”
Why REPL chose us
REPL chose us because of our platform’s depth, breadth and flexibility. It gave its risk and compliance team an all-in-one-place information security management solution. And in the longer term it could help the team manage its GDPR compliance too.
When REPL came to us, the team had started its certification journey. But they weren’t quite sure of the best way forwards. They’d done some work with external consultants and made some internal steps forward, but realised they needed a more focused, holistic approach.
They’d been using our information resources, so they already had a sense of how we could help. Their initial focus was on our Information Asset Inventory. But they quickly realised how much more our platform could do for REPL. And because we offer a SaaS solution with a simple pricing model, procurement was quick and easy.
“ISMS.online was the only tool we found that hit the sweet spot of providing a comprehensive and proven ISMS, ‘out of the box’, at a reasonable price for a mid-sized organisation. And unlike many other solutions, a complete ISMS and data privacy were integrated well in one package.”
How we accelerated REPL to ISO 27001
When you sign up for ISMS.online, everything’s ready to go right out of the box. So Andy and his team were able to get stuck straight into our Assured Results Method, which guides our customers all the way to first time compliance or certification.
They drew on our Adopt / Adapt / Add Content as they went. It comes preloaded, and starts you off with 77% of your ISMS policies and controls already complete. You just adopt the content that works for you. And of course it’s easy to adapt or add to, to tailor it to your organisation’s unique needs and circumstances.
“The tool comes ready to use without the need for extensive configuration. Better still, it provides a number of frameworks, guides (video as well as text) and prepopulated lists (e.g. a risk register) that get you quickly up and running.”
And of course they used our other bespoke ISMS development tools and frameworks too. We stayed close to them through our support team, who were always there to answer any questions and help with any challenges.
“It was the ISMS.online support team that really stood out to us. They are friendly, responsive, and effective. It’s first class support, they don’t just answer the question. They go the extra mile”
What’s next for REPL
REPL are planning ahead, working out how they’re going to manage their ISO 27001 certification through its three year life cycle and beyond. We’re talking to them about how our platform can help them with their ISMS management reviews, internal and external audits, and health checks. And of course they’re using our platform to manage their GDPR compliance.
“REPL Group would recommend ISMS.online without hesitation. The whole experience with both the tool and the team has been a real pleasure. ISMS.online is seen as ‘one of the team’ here in REPL Risk and Compliance.”