How Kocho built an Integrated Management System for multiple ISOs and corporate risk management

Multiple Standards
IT & Services
Mid-Market
Download PDF

Kocho helps clients enhance their security posture, streamline IT operations, and achieve cost-efficiencies. Demonstrating high standards of security and operational excellence to recognised international standards​ is essential for Kocho to secure work and retain clients’ trust.

The Challenge

Kocho was formed following the merger of two companies, only one of which was already compliant with ISO 27001 and ISO 9001. Each had different approaches to risk management. Kocho needed to integrate the best practices from both to create a cohesive framework for ISO 27001 and 9001 compliance.

“We needed to unify our approach and create a single, streamlined system for managing compliance. We were doing things the clunky old way with lots of spreadsheets, and we wanted to get a lot more efficient.”
Steve Martin Head of Sustainability and Compliance, KOCHO

Both companies previously relied on cumbersome spreadsheets, which proved inadequate for effective compliance management. Regular risk reviews and follow-up tasks are essential for maintaining compliance, but busy staff found the spreadsheet-based system inefficient and time-consuming.

“You can’t do risk management with a spreadsheet. It’s impossible because you can’t get a proper overview, so you get bogged down in reviewing certain items only. Everyone loses interest and you don’t make good progress.”
Steve Martin Head of Sustainability and Compliance, KOCHO

Kocho needed an efficient solution to manage compliance and risk across multiple ISO standards. They aimed to build an Integrated Management System (IMS) that would simplify, standardise and centralise their compliance efforts, enabling stronger ongoing engagement and oversight.

“Our employees understand the importance of compliance, but they are already very busy. So the risk review experience needs to be as easy and efficient as possible.”Steve Martin Head of Sustainability and Compliance, Kocho

The Solution

Kocho chose ISMS.online to manage compliance for ISOs 27001 and 9001, and now also ISO 14001. They consolidated policies, trackers, and documentation across various ISO standards into one centralised platform, simplifying management and ensuring all relevant information is in one place. A centralised view with easy filtering and tagging makes it far easier to track progress and spot risks and vulnerabilities.

“ISMS.online makes our day-to-day compliance management very efficient. Having everything together in one centralised, well-ordered place allows us to easily see progress, priorities, and what’s coming up.”
Steve Martin Head of Sustainability and Compliance, Kocho

Recognising the platform’s potential to manage all types of compliance, Kocho has extended its use beyond ISOs, incorporating business-level risk management and other compliance areas. These include health and safety, and a list of blocked countries. It is easy to replicate templates, customise features, and link relevant information across different compliance areas — using ISMS.online as a secure, scalable IMS. 

“Setting up new compliance areas is pretty straightforward. Being able to easily view and link related information is the beauty of the tool — it would be very difficult to represent that visually in a spreadsheet or Word doc.”
Steve Martin Head of Sustainability and Compliance, Kocho

“ISMS.online has revolutionised the way we manage compliance internally, beyond ISO standards. It should be rebranded as “Compliance.online” to better reflect its true scope and value!”

Steve Martin, Head of Sustainability and Compliance, Kocho

The Result

Consolidating not only multiple ISO standards but also key business-related risks into an IMS has been transformative for Kocho. It has improved risk management efficiency, effectiveness, and accountability. ISMS.online has given Kocho a comprehensive, cost-effective compliance solution, enabling a small team to manage compliance to a high standard and ensure continuous improvement.

“The ROI of ISMS.online is evident as it enables our small compliance team to manage multiple ISOs plus other corporate compliance requirements. It gives us the core capabilities we need at a very competitive price.”
Steve Martin Head of Sustainability and Compliance, Kocho 

External audits now take less time because it’s straightforward for auditors to access and check everything within ISMS.online, reducing questions and speeding up the process. The clear proof it provides of Kocho’s effective risk management has bolstered their confidence, which Steve views as an intangible but valuable benefit.

“Having ISMS.online has built our audit confidence because we can show we’re managing things well and mitigating risks. And audits are quicker because it’s easier for the auditor to see all the information they need.”Steve Martin Head of Sustainability and Compliance, Kocho 

The intuitive user interface, automated reminders, and clear visibility over tasks and progress ensure timely and efficient risk reviews, strengthening a culture of compliance.

“ISMS.online revolutionised our risk reviews. We streamlined our processes, improved visibility, and increased engagement. People are now excited to participate because the process is quick and efficient, and it’s easier to hold everyone accountable. It’s a spectacular difference.”
Steve Martin Head of Sustainability and Compliance, Kocho 

What’s Next?

As well as working towards ISO 14001 certification, Kocho is planning to add DORA and NIST management to their IMS. The company’s commitment to continuously extending and improving their use of ISMS.online is partly due to the high-quality service provided by its support team.

“The ISMS.online team’s communication is second to none. They’re always very responsive, helpful, and patient — a delight to work with. They’re committed to building an ongoing relationship and continuing to improve the platform.”
Steve Martin Head of Sustainability and Compliance, Kocho 

For more information, visit our integrated compliance page or contact us to see how we can help your business.

Latest case studies

Want results like this?

100% of our users achieve ISO 27001 certification first time. Start your journey today

See how we can help

Explore ISMS.online's platform with a self-guided tour - Start Now