We’ve pre-built our platform with almost everything you’ll need to create or improve your management system, then achieve the standards or meet the regulations you need to.
We can help you with your:
- Information Security Management System
- Personal or Privacy Information Management System
- Business Continuity Management System
- Integrated Management System
Once your management system’s up and running, we can help you achieve:
- Infosec standard ISO 27001
- Privacy standards ISO 27701 and BS 10012
- Privacy regulations like GDPR, CCPA and POPIA
- Business continuity standard ISO 22301
That’s just a starting point. We can help you with many other standards and regulations too.
All you need to bring is:
- Your understanding of your organisation
- A relatively small investment of time and effort
That’s all we need to help you show your stakeholders just how seriously you take their information security.
What do you get when you sign up?
Our all-in-one-place, cloud-based platform is full of easy-to-use, practical features. We’ll help you:
Create your ISMS, PIMS, BCMS or IMS
- Get the most out of our platform so you can build your management system on firm foundations
Achieve the right standards or regulations
- Comply with confidence and achieve certification certainty
Stay protected and keep growing
- Safeguard your organisation by achieving, renewing or evolving compliance or certification
And you get us. We’ve been in your shoes and we’ve helped many other organisations like yours. So we understand exactly how to help you get to where you need to be.
How our process works
We help people with widely varying levels of expertise create different kinds of management systems for all sorts of organisations. So we don’t have one single process. We understand what’s going to be most helpful for each new customer, then we let that guide us.
The guide and FAQs below describe how we work with one of our most common types of customer, an organisation that:
- Is new to infosec
- Needs to achieve ISO 27001 on its first attempt
If that’s you, then this is how we’d work with you.
Because we’re describing how we work with infosec newcomers, there’s a lot of handholding involved. If you already know what you need and how to achieve it, we’re just as happy to stand back so you can get on with it and reach your own goals.
Getting the most out of our platform
We give you and your users an all-in-one-place ISMS solution. Everything you need for ISO 27001 and beyond will be there waiting from your very first sign-in. And because we’re cloud-based, you can access our system whenever and wherever you need to.
We’ll be with you and your users every step of the way. Our Virtual Coach will be there for you and them 24/7, sharing context-specific support and guidance. Live Helpdesk support is also available from within our platform, to solve any particularly knotty problems. Our Service Delivery Team will help you with in-depth challenges. They’re ISMS and ISO 27001 specialists, with deep practical experience. And your own personal Account Manager will get to know you and your organisation, making sure you always get the best out of us.
They’ll guide you through our Assured Results Method. It’s a simple, speedy path to ISO 27001 compliance then certification. Every organisation that’s followed it all the way to certification has passed their audit first time.
We can also make sure you have all the infosec confidence, capability, capacity and discipline you need for compliance or certification. We’ll show you how to make the most of your existing resources, build them up if you need to, or find the right people to fill any gaps.
Build your ISMS on firm foundations
You’ll start with the big picture. Our Adopt / Adapt / Add documentation will help you define everything from your organisation’s context to how you’ll keep your ISMS updated. Just adopt the content that works out of the box, adapting or adding to it where you need to.
Then you’ll pin down the information assets your ISMS will protect. Our pre-configured Information Asset Inventory makes that a simple task. It’ll help you record and classify them all, giving your ISMS a clear, well-thought-out starting point.
Next you need to know which risks to protect them from. That’s when you reach for our Risk Bank. We’ve populated it with over 100 common potential risks. Just pick the ones that apply to your organisation. And it’s easy to add any unique ones only you face.
Our pre-loaded, actionable Adopt / Adapt / Add Policies and Controls will show you how to protect your information assets from the risks you’ve defined. They’ll also help you flesh out your ISMS’ broader operational details. As you work through them, you’ll identify infosec improvement opportunities throughout your organisation. Our platform makes it easy to record them, work out who’s going to fix them, then keep an eye on their progress and make sure the job gets done.
Comply with confidence
Our platform will walk you through the ISMS launch process. We’ve pre-configured a template to help you structure and manage launch meetings, record minutes, discussions, actions and anything else, and lay the groundwork for ongoing ISMS oversight and review.
And you’ll need to make sure that your colleagues and suppliers understand and comply with your ISMS’ policies and controls. We’ve made it easy to share the right guidance with the right people and then be sure they’ve read and accepted it.
Then our pre-loaded Audit Programme will take you through your internal audits and a management review. You’ll check back over every part of your ISMS, fix issues and make improvements. Once that’s done, you’ll be confidently ISO 27001 compliant.
And our platform makes it easy to show people what you’ve achieved. Board members and colleagues will see how you’ve transformed your organisation’s information security. And customers and other external stakeholders will know how safe their data is with you.
Achieve certification certainty
We’ll guide you to ISO 27001 certification too. We can help you find the right certification body and successfully navigate the two external audits needed to achieve certification.
Your auditors will check your ISMS’ documentation, then visit your organisation to see how well it works in action. Our platform makes it easy to show them how robust and comprehensive your ISMS is. And they’ll meet your colleagues and perhaps other stakeholders, who will all be following clearly-defined, well-understood infosec procedures. We’re confident you’ll pass first time.
Safeguard your organisation
Your ISMS will help you reduce the risks your organisation faces. When there is a security challenge, you’ll be ready. Our proven ISMS capabilities will help you respond quickly and effectively to any security breach or attack, record your actions and show that you’re completely in control.
Retain, renew and evolve your certification
Once you’re ISO 27001 certified, we’ll help you retain and renew your certification. It lasts for three years. Your auditors will return for at least two annual surveillance audits and a re-certification audit. You’ll need to carry out several internal audits too. We’ll help you through them all.
If your business evolves and you need to protect it in new ways, we make building on ISO 27001 simple. Our platform will help you draw on work you’ve already done to achieve a wide range of other infosec standards, with predefined content to help you on your way.