ISO 27001 certification
“When we were looking for a partner to work with us, I made it clear to the team that our number one priority should be getting the right people. From the get-go I found Ascentor not only professional but also friendly and accessible.
“Working with a partner who was collaborative, approachable, and the right fit for claireLOGIC was our number one priority.”
Andre Vaux, Managing Director, claireLOGIC
claireLOGIC is an innovative IT Managed Service provider serving businesses in the finance, legal and retail sectors.
Under their in-depth IT Strategic Review service, claireLOGIC builds a business case on value by aligning a client’s technical requirements with its business plan through a technological roadmap.
With over 20 years of experience, claireLOGIC offers a fully Managed IT Service, leading businesses to use technology as an asset rather than a business blocker.
Through continual improvement of their systems, claireLOGIC identified internal and customer advantages through attaining ISO 27001 certification. Possessing ISO 27001 proves that claireLOGIC has documented processes for handling data. In addition, there are formally defined controls and procedures that external auditors verify are in use.
As an established ISO 9001 certified company, claireLOGIC were keen to partner with an organisation not only capable of supporting them with their ISO 27001 ambitions and working in a collaborative, personable and helpful way and shared business values.
Having considered a number of organisations purporting to specialise in this area, claireLOGIC decided to engage with Ascentor.
The first step on the journey was for Ascentor to conduct an ISO 27001 Gap Analysis. Ascentor’s Gap Analysis service assesses what the business is currently doing to fulfil its business and commercial obligations against the requirements of the standard it wishes to achieve. The ‘gaps’ highlight the areas which require attention and remediation work to ready the business for an external assessment.
The initial engagement involved a series of workshops and meetings with key claireLOGIC stakeholders. The output was a report which provided claireLOGIC with a roadmap of activities needing to be undertaken and completed in readiness for the external ISO 27001 Stage 1 and Stage 2 audits. In addition, claireLOGIC were armed with a view of how much effort and over what time period preparation would be required.
From this, claireLOGIC decided to engage Ascentor to support them with:
- The implementation phase – remediating identified areas for attention from the Gap Analysis phase;
- Evidence gathering – supporting claireLOGIC with the running and operation of their initial audits, the output from which would serve to support any evidence the external auditor would need as part of their overall assessment.
As the engagement and relationship progressed, each stage built smoothly on its predecessor to achieve a smooth, managed transition and development towards the desired outcome.
With Ascentor’s expert support and guidance, the Stage 1 audit was a success, followed by the Stage 2 audit, which identified a single minor nonconformity (where less than 5 is generally considered very good at Stage 2).
claireLOGIC now have a much clearer picture of its key assets and the risks to those assets, as well as its supply chain’s security posture and the threat landscape as it relates to their client base.
Certification was achieved within the 9-month timeframe originally identified during the Gap Analysis phase.