How Ziptech Services achieved ISO 27001 and partnered with us

Circle-overlap

Ziptech Services is a UK-based IT services company. It partners with SMEs across London and the South East, helping them optimise technology to achieve better business outcomes. Information security is a top priority, but as tech specialists they understand that ISO 27001 is about much more than just security.

Ziptech wanted to create its new Information Security Management System (ISMS) and achieve ISO 27001 certification to:

  • Refine and improve internal processes
  • Forge new and strengthen existing relationships
  • Demonstrate the company’s commitment to delivering a world-class service

“We started off using spreadsheets and it was a nightmare. With the ISMS.online solution, all the hard work was made easy. We couldn’t have done it this quickly without this solution.” Perry Bowles, Technical Director, Ziptech

The company achieved certification in March 2021 and also wants to use our platform to:

  • Manage its GDPR compliance
  • Go for the quality management-focussed ISO 9001 standard

Ziptech is also now an ISMS.online partner and can share our platform with its clients.

“Yes I would recommend ISMS.online. The system not only helps put an ISMS together in the first place but also to maintain and improve it. Once completed, the various modules and areas all link together to give a holistic ISMS that’s simple to manage, including review reminders, to-do’s, audit schedules, risk reviews, etc.”

Why Ziptech Services chose us

When Ziptech Services’ Technical Director Perry Bowles came to us he’d already begun his ISO 27001 journey. Like many of our customers, he had a clear destination in mind but wasn’t sure how to get there quickly and efficiently.

He realised that he needed an all-in-one ISO 27001 solution that would help him and his team:

  • Understand the ISO 27001 standard
  • Efficiently navigate the process of meeting its requirements to achieve certification

“We initially had a gap analysis done by our CE certification body, who also supplied a 27001 toolkit of templates and other documentation. We struggled with this approach so looked for a solution that would explain ISO 27001 as well as guiding us through the process. ISMS.online was chosen because it did just that.”

How we accelerated Ziptech Services to ISO 27001

Our Assured Results Method breaks the ISO 27001 journey down into 11 clearly defined sections. It gave Perry and his team a full overview of their journey to certification. And each section contains specific actions and explanations, guiding them every step of the way.

They also drew on our pre-loaded content, which gave them a head start with 77% of the ISMS content already completed. It was immediately available to Adopt, Adapt or Add to as necessary. They were able to adopt much of it straight out of the box, while adapting or adding to it to meet their unique information security needs was a simple task.

Perry also chose to use our optional Virtual Coach. It complements our support teams by providing context-specific guidance, 24/7.

“As a complete novice to ISO 27001 it was really vital for me having the VC module. Along with that, the pre-filled, suggested text to adopt or adapt (or completely rewrite if necessary) really helped with the understanding of the 27001 requirements and sped up the whole process.”

Perry and his team also drew on the other bespoke tools and frameworks we’ve created to simplify the ISO 27001 journey. Our platform helped them:

  • Map the information security risks they face
  • Identify and rate their ISMS’ interested parties
  • Ensure internal management buy-in
  • Log and pick up any corrective actions and improvements
  • Manage the whole process

“In general the way the various sections link together is very useful, compared to a bunch of separate spreadsheets and word documents. Also that there are tips to the approach and suggested wording that sits alongside the Virtual Coach module. These together help form a cohesive 3D model for what initially seems like an abstract set of requirements.”

Ziptech worked through the UK’s 2020 Covid-19 lockdown to create and implement their ISMS. When they were ready for certification, they came to us for advice on the best external auditor. We helped them find the right one, leading to certification success in March 2021. They’re also using our platform to manage their GDPR compliance.

How we’re partnering with Ziptech Services

Our platform is versatile and powerful. We’re very happy to help our partners use it to help their own customers with their compliance and regulation challenges. So Ziptech Services have become ISMS.online partners as well as customers.

“We can see the versatility of the system, not just for ISO 27001 but for 90001 (which we’ll likely do ourselves) and other certifications or management processes. As an IT managed service provider we envisage utilising the ISMS.online system to help clients attain certifications or maintain regulations, like GDPR for example.”

What’s next for Ziptech Services

Ziptech Services plans to build on its ISO 27001 certification by using our platform to achieve ISO 9001 and manage their GDPR compliance. As part of its GDPR project, Perry’s looking at creating an ISO 27701-compliant privacy information management system.

Our platform will simplify both projects by helping Perry draw on the ISO 27001 work he and his team have already done. And of course they’ll be sharing our platform with their own customers, helping them solve their information security, privacy and business continuity challenges too.

Everyone we helped go for an ISO 27001 audit passed first time. You could too.