With ISMS.online it’s a simple task
If you need to improve your ISMS, moving it onto our simplified, secure, sustainable platform will bring immediate benefits. We can help you achieve any of these goals and more:
Become ISO 27001 compliant or certified
That can be a big step. To achieve it, we’ll help you grow (and show you’ve grown) the transparency, visibility and control of your current ISMS.
Achieve more standards or comply with more regulations
That can put a lot of pressure on you and your team. You’ll need to involve and co-ordinate more people and more information. Our platform makes that simple.
Keep up with a rapidly-growing organisation
A home-made ISMS can work for small organisations. But it’ll create compliance, control and maintenance issues as the organisation grows. We offer a more powerful solution.
Cut costs and boost efficiency
Your ISMS might be hard to use, too costly or out of date. Maybe it just doesn’t meet your customers’ security needs any more. We’ll replace it with a simpler, more powerful system.
Address a failed certification or surveillance audit
You might need to rethink your ISMS to address non-conformances, corrective actions or improvements. We’ve helped many customers achieve just that.
Merge multiple management systems
Merging multiple related systems can create substantial time and cost savings, while boosting your organisation’s security and efficiency.
We can help you achieve these or any other goals. Your biggest challenge will probably be moving all the infosec work you’ve already done onto our platform. We’ve worked hard to make it a simple process, developing a suite of tools to import your documentation and data. All you need to do is choose how fast you’d like to move.
We’ll move at your speed
If you need to move quickly, you can bring your content over in days or even hours. Or you can take a slower and more deliberate approach, reviewing, reworking and updating your ISMS as you go. It’s up to you. We’ll give you as much or as little help as you need.
No surprises along the way
There won’t be any hidden costs or mandatory consulting processes to surprise you. And we’ll be there to help if migrating your ISMS means that, despite the time and hassle you save, you still need to build up your infosec confidence, capacity or capability.
Expanding easily and cost-effectively
The migration process might also involve bringing new users onboard or starting to use some of our platform’s optional features. We can take that into account too, making sure you only start paying for them once you’ve started using them.
Integrated other management systems
We can help you integrate your ISMS with other kinds of management system. Migrating to our platform can help bring your infosec, business continuity and personal / privacy information management systems in a single Integrated Management System.
“We were seeking to streamline and simplify the administration of our ISO 27001 certified ISMS and to move away from unwieldy spreadsheets. Being able to easily manage risk, and join that up in one solution with all the other management functions, has been great. We haven’t regretted our decision to migrate and the quality and speed of support have been excellent.”
Ben Smith – Head of Data, IT & Security for Flood Re
How we’ll help you move quickly to improve your ISMS
If you need to change quickly we’d suggest a lift and shift approach to address immediate issues, achieve quick wins and retain what’s already working. That’ll help you:
- Move as quickly as possible
- Gain stakeholder buy-in
- Show you’re taking urgent, focussed action
Our platform is visible and transparent, with built-in focus tracking, making it easy to show interested parties just how quickly and effectively you’re moving. You’ll be up and running within hours and days, not weeks, as many of our other customers have been.
One organisation came to us shortly before their recertification audit. They hadn’t addressed previously highlighted issues, so knew their certification was at risk if they didn’t take prompt action.
Within a couple of weeks we helped them:
- Migrate all their existing documentation onto ISMS.online. They still held it in spreadsheets and Word documents, but our built-in review, approval and reminder processes meant they could manage it much more effectively.
- Subscribe to our supplier management feature. They added all their key suppliers’ contract and contact details, and adopted our suggested Annex A 15.1 supplier management policy, addressing a specific issue raised in a past audit.
- Move their most significant risks across to our risk map and treatment plan. Our system made it easy for them to link those risks to the relevant information assets, and policies and controls.
- Upload their old risk map to cover off their less significant risks. They noted that risk migration would be completed over time on our Corrective Actions and Improvements Track. That met a previous audit goal of improving their risk management approach.
- Clarify treatment, and assign review, management and ownership of all risks, in line with ISO 27001 requirements.
- Automate their Statement of Applicability, replacing their previous complex, confusing, hard to update spreadsheet with one created using our own dynamic tool.
They continue to use our platform, evolving their ISMS to include features like our Policy Packs and overview reports.
And of course you’ll want to think about longer term improvements once the initial pressure is off. Our platform will help you set up an improvement cycle that’s right for your organisation’s culture, resources and appetite for change.
How we’ll help you rethink your ISMS if time is less of an issue
If you don’t have an urgent, specific deadline, you can take a more thoughtful approach.
One customer wanted to completely rethink their ISMS documentation as they brought it into ISMS.online. They set up a carefully planned change process, moving forward in clear, regular steps.
That meant reviewing every existing piece of documentation, then converting it all into easily digestible policies or controls for migration onto our platform. They used our optional Policy Packs feature to make sure the relevant staff understood and complied with each one. They’re now a much more secure organisation, with significantly fewer incidents to deal with.
They also took the opportunity to rethink their risks, information assets and other work lost on old spreadsheets. Our risk management and information asset tools helped them create:
- Meaningful risks to manage
- Up-to-date information assets
- Policy and control clarity
And it was easy for them to see how they were progressing at every stage of their migration, thanks to our progress reporting tools and the visual nature of our platform.
How much of your ISMS needs to change?
ISMS.online is an all-in-one-place information security management and compliance solution. But many of our customers already have some very effective ISMS components.
So our platform is modular. You don’t have to use all of it. Just add your own tools or methods. For example, if you already have effective security incident policies and procedures, just link out to and keep using them.
How will we help you manage change?
Our combination of technology and knowhow makes the whole migration process easy. In fact, in line with our platform, we’ve simplified it, made sure it’s secure and will help you use it to create a sustainable new version of your ISMS.
That’s great for you and your users. It’ll impress your managers too. And of course your auditors will love it. We’ve added features that’ll help you walk them through your migration process and show the improvements you’ve made, including:
- Date / time stamps and controls to provide audit trails
- Clear displays showing when work began
We suggest you also summarise key milestones as part of your management reviews. It might also make sense to break down specific improvement or change areas as improvement items, in line with clause 10 of ISO 27001. Our platform makes that easy.