Brighton, United Kingdom, August 22, 2016 --(PR.com
)-- The cyber & information security market is growing fast and many new organisations are seeking to improve their security credentials in order to win new business or retain existing customer and stakeholder confidence. This is great news for building stronger and safer supply chains.
However, building and implementing an accredited Information Security Management System (ISMS) to meet ISO 27001:2013 could cost even a small organisation tens of thousands of pounds and many months of time. In relation to the benefits and risks, for example of a costly data breach that could seriously damage the company, the investment is still pretty small. The market is awash with solutions offering to save time and money but they don’t always do that.
Many of those new to setting up an ISMS are currently being shortchanged by long established IT governance suppliers who are selling old fashioned approaches to achieving standards like ISO 27001:2013. These approaches could actually increase total cost and create more risk by not being fit for purpose in the practical execution and management of an ISMS.
As such ISMS.Online is now taking a stand. It is giving away its successful policies to help its customers avoid these pitfalls, whilst also offering its integrated technology system at a fraction of the cost to build from scratch or buy the individual parts from others.
ISMS.Online, the innovative cyber security startup already offers all the tools and frameworks needed for information security management system success. Including free ISO 27001 policies alongside the software not only offers significant time and cost savings for organisations new to ISO 27001, it increases the chances of sustainable success too. It really is an ‘ISMS in a box’ that demonstrates significant value
Mike Saunt, CEO of Astun Technology, another new customer of ISMS.Online, felt this new initiative is really positive. He was already excited at how the cloud software was going to help deliver their ISO 27001 and this latest move will save his organisation even more time and money, giving them a very strong foundation on which to add their existing policies.
ISMS.Online describes the new initiative as Adopt, Adapt, Add and it takes an organisation up to 77% complete with its ISMS policies, out of the box. The policies that relate directly to the ISMS.Online tools and frameworks can simply be Adopted, saving huge time and cost. Other policies included can be easily Adapted for the way the organisation wants to work in practice, with the remaining 23% expected to be unique and Added by the organisation or its security advisors, as Astun Technology are doing. ISMS.Online has also provided guidelines and tips on how to approach completion and if required, can offer affordable access to specialist consultant partners too.
Mark Darby, CEO of Alliantist, the successful software firm behind ISMS.Online actually fell into the policy document toolkit trap himself 4 years ago. He said, “We like many newbies seeking to achieve ISO 27001 believed the marketing hype behind policy ‘toolkits’ and very cheap routes to standard success. We wasted about £1k on what turned out to be MS Office templates, but it also cost us more expensive management time too. We tried to shoehorn these generic policies into our desired way of working but also lacked the tools to bring it to life. I also quickly realised that the key to success was the ‘whole system’, not just policy documentation.”
“In summary, there is no value in cheap, off-the-shelf document toolkits that are not integrated into a wider system. They fell a long way short of being relevant to the way we ran our modern and agile business. They don’t help you embed information security management into your business in an integrated fashion. They certainly don’t help you manage staff communication and engagement, and they don’t provide simple and effective methods for evaluating, measuring and improving your information security posture either, all of which are critical for certification success. In short, you are a long way off operating an effective ISMS. To achieve that you need practical business tools with relevant policies and ISMS.Online meets that need.”
Darby concluded, “The real value of our solution is in the software which not only makes implementing ISO 27001 much faster, and therefore more cost effective, but also ensures you build an ISMS that is simple and effective to maintain and continually improve with less management resource. By sharing our policies and guidelines for free we are demonstrating that the true value lies not in the documents but in the whole system.”