An introduction to information security management

information security management system isms for effective information security management

Let me introduce myself! I’m Julia Heron, the latest team member to join Alliantist on a project to bring their new product,, to market. is powered by pam, Alliantist’s all powerful collaboration platform used not just by the private sector but by a range of public sector clients, many of whose demand for the highest level of security is satisfied by pam’s PSN accreditation to handle information marked up to ‘Official-Sensitive’.

With the first week under my belt, I reflected on the five days spent settling in to the team, discovering the features and benefits of pam and and, of course, the issues surrounding ISO 27001:2013 and cyber security. I thought I’d share my experiences of the most productive induction week I’ve ever experienced, thanks to pam!

Day 1 – I was guided through health and safety, security policies and how the organisation used pam for managing work, projects and communications. It didn’t take long to find my way around pam and everything was easily located in clearly defined areas and, lo and behold, there was my staff induction project, already with tasks assigned for me. It was a little daunting to see so much information on the platform and realise this was the first truly paperless organisation I’d come across. What a difference this made to the office which was unbelievably neat and tidy! 

Day 2 – the boss was late in as he dealt with yet another successful pam client roll-out. How fantastic to see projects and tasks on my dashboard that meant I could start to get on with stuff independently rather than the usual awkward hanging around waiting to be given work.

Day 3 – a busy ‘marketing’ day looking at content and messaging. It was clear I needed to spend time with Andy, our talented designer, to discuss the new website for What a joy, no emails, no phone calls, no shouting across the office, just a quick check on shared calendars, a message to Andy through pam with the things we needed to cover, and all sorted. We had a great meeting with notes and agreed actions recorded straight into pam and, by the end of the day, all actions were complete – real progress!

Day 4 – a review of CRM systems, not just their functionality but how they might impact on our own information security system. Interesting to find that so few of the CRM providers are accredited to ISO 27001 but, again, reassuring to find Alliantist living by its ISO 27001:2013 procedures, evaluating the potential risks and considering the impact of a supplier on its ISMS.

Day 5 – the big news story on the drive to work…Talk Talk and it’s major information security breach. Clearly there are more and more instances of major security breaches being reported and whilst simply having ISO 27001 accreditation is not a cast iron guarantee against such breaches, it does indicate a company committed to information security. Having seen how Alliantist manage their ISMS, through, I can see why their ISO 27001 accreditor reflected that it was “the best implementation of an ISO 27001: 2013 , UKAS Accredited, Information Security Management System” he’d seen!

Friday was an intense day of getting deeper into pam to find how it will be used in to deliver customers everything they need to gain, maintain and improve their ISO 27001. It was immediately obvious how easily it could handle multiple standards and compliances, saving information security teams from having to duplicate common procedures. Simple linking means everything securely online, all in one place and with easy retrieval. Discovering the power of proved, if there was ever any doubt, that customers will really benefit from savings in management time and cost, that staff and stakeholder engagement is effortless and creating shared projects with assigned tasks and KPI’s make working together more productive.

To sum up, in a career spanning 33 years in commerce, I have never experienced a company as committed to its standards and procedures as Alliantist. Neither have I ever seen such a powerful online tool that will revolutionise the way I work and, I’m happy to say, the way in which our future customers will work.