Tai Tarian regularly handles large amounts of sensitive data including financial and personally identifiable information of its tenants, leaseholders, and other customers. Ensuring all data and networks are securely protected is critical to Tai Tarian’s ability to support its customers.
The Challenge
In 2021, as cybersecurity was becoming an increasing concern for organisations, Tai Tarian’s technology and innovation (T&I) team decided to take a strong stance and pursue ISO 27001 certification. Amongst its competitors and suppliers, few if any had ISO 27001 certification, yet the risks were growing.
“We wanted to become ISO 27001 compliant to show we take cybersecurity seriously. Another housing association in Wales was hacked recently, and it cost them many zeros, a lot of downtime, and reputational damage.”
Technology & Innovation Compliance Manager, Tai Tarian
While highly competent IT professionals, none of Tai Tarian’s T&I team had much previous ISO 27001 experience. Although they were already following good security practices, there was room to improve documentation, standardisation, and risk management. Getting staff buy-in to achieve ISO 27001 certification was vital.
“A big challenge was getting everybody on board with improving our compliance and risk management. You can’t just tell them it’s happening: you’ve got to bring them along and get them to work with you.”
Technology & Innovation Compliance Manager, Tai Tarian
The Solution
Tai Tarian has an ongoing partnership with expert IT infrastructure and services provider Softcat, led by their Account Director, Lian Staunton. To lay a strong foundation for ISO 27001 success, Lian aligned Softcat’s internal advisory team to work alongside Tai Tarian’s T&I team. Together, they created a clear structure and roadmap for Tai Tarian to work toward achieving certification.
Softcat helped Tai Tarian implement ISMS.online. The compliance team then set to work on ensuring the right processes, policies, and information were in place for ISO 27001 certification.
Tai Tarian found the ISMS.online corrective actions tracker provides a useful visual tool for easier monitoring and accountability, which facilitated staff engagement. Challenging tasks like creating a risk register were simplified by ISMS.online’s templates and comprehensive reference information.
“The risk bank within ISMS.online really helped us out and sped us along, because we weren’t starting from scratch. It enabled us to start documenting and managing risks much quicker than we would have done otherwise, and we probably covered them more thoroughly as well.”
Technology & Innovation Compliance Data Officer, Tai Tarian
From the start, Softcat has played a significant role in Tai Tarian’s ISO success, providing tailored advice, guidance, and hands-on support. As well as the practical benefits, this partnership also gives the T&I team confidence that they can overcome whatever challenges arise.
“Softcat are integral to what we do. They take the weight off us and get things happening. Lian Staunton is Miss Fixit: I’ve not yet come across anything that she can’t sort for us.”
Technology & Innovation Compliance Manager, Tai Tarian