From ISO 27001 implementation to follow up audits with ISMS.online
The Challenge
Whilst there was no urgent driver to achieve ISO 27001 certification, Amigo’s executive team recognised that the enterprise level customers they attract were increasingly seeking information security assurance.
Amigo is always keen to differentiate itself through excellence and wanted to demonstrate its commitment to information security and protecting customer data through a UKAS accredited ISO 27001 certification.
The challenge was a common one, especially for an SME. Amigo did not have a person dedicated full time to an information security role so was looking to automate and simplify the process as much as possible. There was limited knowledge of the ISO 27001 standard, and they recognised that a traditional consultancy-led approach could be expensive and would still leave them needing to build a structure for the ISMS and consider how to manage and evidence the required work processes. Emmie Cooney, Amigo’s Operations Manager, summed up the challenge they faced:
“We’re an agile organisation with a tech-savvy team which means we run a paperless office with all activity being cloud-based. To be successful we knew we needed technology to support our way of working and help us achieve our goals with limited disruption to business-as-usual.”
Operations Manager, Amigo