How Kocho built an Integrated Management System for multiple ISOs and corporate risk management
Download PDFKocho helps clients enhance their security posture, streamline IT operations, and achieve cost-efficiencies. Demonstrating high standards of security and operational excellence to recognised international standards is essential for Kocho to secure work and retain clients’ trust.
The Challenge
Kocho was formed following the merger of two companies, only one of which was already compliant with ISO 27001 and ISO 9001. Each had different approaches to risk management. Kocho needed to integrate the best practices from both to create a cohesive framework for ISO 27001 and 9001 compliance.
“We needed to unify our approach and create a single, streamlined system for managing compliance. We were doing things the clunky old way with lots of spreadsheets, and we wanted to get a lot more efficient.”
Head of Sustainability and Compliance, KOCHO
Both companies previously relied on cumbersome spreadsheets, which proved inadequate for effective compliance management. Regular risk reviews and follow-up tasks are essential for maintaining compliance, but busy staff found the spreadsheet-based system inefficient and time-consuming.
“You can’t do risk management with a spreadsheet. It’s impossible because you can’t get a proper overview, so you get bogged down in reviewing certain items only. Everyone loses interest and you don’t make good progress.”
Head of Sustainability and Compliance, KOCHO
Kocho needed an efficient solution to manage compliance and risk across multiple ISO standards. They aimed to build an Integrated Management System (IMS) that would simplify, standardise and centralise their compliance efforts, enabling stronger ongoing engagement and oversight.
“Our employees understand the importance of compliance, but they are already very busy. So the risk review experience needs to be as easy and efficient as possible.” Head of Sustainability and Compliance, Kocho
The Solution
Kocho chose ISMS.online to manage compliance for ISOs 27001 and 9001, and now also ISO 14001. They consolidated policies, trackers, and documentation across various ISO standards into one centralised platform, simplifying management and ensuring all relevant information is in one place. A centralised view with easy filtering and tagging makes it far easier to track progress and spot risks and vulnerabilities.
“ISMS.online makes our day-to-day compliance management very efficient. Having everything together in one centralised, well-ordered place allows us to easily see progress, priorities, and what’s coming up.”
Head of Sustainability and Compliance, Kocho
Recognising the platform’s potential to manage all types of compliance, Kocho has extended its use beyond ISOs, incorporating business-level risk management and other compliance areas. These include health and safety, and a list of blocked countries. It is easy to replicate templates, customise features, and link relevant information across different compliance areas — using ISMS.online as a secure, scalable IMS.
“Setting up new compliance areas is pretty straightforward. Being able to easily view and link related information is the beauty of the tool — it would be very difficult to represent that visually in a spreadsheet or Word doc.”
Head of Sustainability and Compliance, Kocho
Based
United Kingdom
Company Size
201 - 500 employees
Industry
Information Technology & Services
Compliance Frameworks
ISO 27001, ISO 9001, ISO 14001
Experts in identity, security, and cloud solutions, Kocho offer IT services and consulting that optimise business performance through robust cybersecurity and managed IT services.
ISO 27001 & ISO 9001 success
Achieved certifications with no major non-conformities, demonstrating high compliance and effective management systems
Shorter external audits
Enabled fast, efficient external ISO audits
Strengthened compliance culture
Increased staff participation and accountability for risk management
