At ADL Consulting, we encourage our clients to think of the information in their business as an asset. Like other important business assets, information has a value and consequently needs to be suitably protected. For this reason, we support our clients in gaining ISO 27001, enabling them to prove that they take the security of their personal / business information seriously.
In our experience, implementing, managing and maintaining ISO 27001 using spreadsheets can be problematic, particularly as the company grows. The complexity and lack of intuitive interface makes it problematic for clients to engage, meaning that ADL has to shoulder most of the workload in order to prepare clients for audit and certification.
Having been introduced to the 27k1 ISMS in September 2019, we have found that the software’s design and approach to ISO/IEC 27001 complies with the formal demands of the standard yet is easy to follow and allows for a huge amount of flexibility. This means that we can use the Consultant Version to demonstrate the system to clients, who readily understand the layout and requirements for data entry that work towards the Statement of Applicability. Once they purchase the system for themselves, they can submit their assessment criteria and asset data and from the integrated reports, then determine how they wish to treat their information Security assets.
Using the 27k1 ISMS with my clients has allowed them to undertake much of the data entry and preparation for audit. In turn, ADL has reduced the number of consulting days spent with each client, which while reducing the overall costs for the client has allowed ADL to manage the needs of other clients elsewhere – it’s a complete win/win.