A large legal services SaaS provider needed to achieve ISO 27001 certification. This was critical to demonstrate effective security practices to customers and prospects.
The business was experiencing significant growth and introducing new service hosting options to the marketplace. The client needed an experienced partner that could provide the leadership needed to assess cybersecurity capabilities and immediately recommend improvements. Their time to value was extremely short, as new business depended on the ability to achieve compliance.
Our service included Compliance Management and Cybersecurity Governance Implementation. The Compliance Management service focused on ISO 27001, ISO 27017 and ISO 27018 certification. We identified the Information Security Management System (ISMS) scope and led the readiness process.
Cybersecurity Governance Implementation focused on the processes needed to maintain effective cybersecurity controls and compliance over time as new products were introduced and existing products were modified.
The results of the engagements include:
- Enabled the client to increase revenue by achieving certification
- Improved cyber risk management culture by educating team members to model threats and apply reasonable cybersecurity controls