Enterprise Software Developer Earns ISO 27001 Certification
Company Size
11-200
Product
- NAVEX IRM
Tech Stack
- Integrated Risk Management
Implementation Scale
- Enterprise-wide Deployment
Impact Metrics
- Brand Awareness
- Customer Satisfaction
Technology Category
- Analytics & Modeling - Real Time Analytics
- Application Infrastructure & Middleware - Data Exchange & Integration
Applicable Industries
- Software
Applicable Functions
- Business Operation
Use Cases
- Cybersecurity
- Regulatory Compliance Monitoring
Services
- Software Design & Engineering Services
- System Integration
About The Customer
The customer is a small enterprise software development company with about 85 employees. The company was seeking to achieve ISO 27001 certification, a globally recognized standard for information security. The certification would require the company to establish a sustainable information security management system (ISMS) that could comply with all seven ISO 27001 categories. The company's Chief Technology Officer (CTO) was leading the project.
The Challenge
The enterprise software developer, a small company with about 85 employees, set a goal to achieve ISO 27001 certification. This certification sets the standard for information security and requires a sustainable information security management system (ISMS) that can comply with all seven ISO 27001 categories. The company knew that using spreadsheets for compliance would not be sufficient due to the rigorous requirements of the certification. The Chief Technology Officer (CTO) was leading the project and needed a technology solution to build an ISMS capable of earning ISO certification.
The Solution
The company selected NAVEX's solution, NAVEX IRM, for its capabilities in integrated risk management (IRM). NAVEX IRM enables organizations to gain a comprehensive view of their business and operations from a risk perspective, connecting individual risk disciplines and managing them in one centralized program. The solution streamlines compliance with multiple regulations and standards, including ISO. The CTO documented ISO 27001’s seven categories of requirements in NAVEX IRM and then leveraged the solution’s functionality to meet requirements, satisfy auditors and earn certification. During the ISMS design phase, the CTO documented objectives, policies, procedures and macro roles, and developed the ISMS manual to govern the entire program, all in NAVEX IRM.
Operational Impact
Case Study missing?
Start adding your own!
Register with your work email and create a new case study profile for your business.
Related Case Studies.
Case Study
Factor-y S.r.l. – Establishes a cost-effective, security-rich development environment with SoftLayer technology
Factor-y S.r.l., a web portal developer, was faced with the challenge of migrating its development infrastructure to a reliable cloud services provider with highly responsive technical support. The company needed a solution that would not only provide a secure and reliable environment but also support its expansion by providing resources to create and deliver innovative offerings.
Case Study
Darwin Ecosystem: Accelerating discovery and insight through cutting-edge big data and cognitive technologies
Darwin Ecosystem was founded with a unique vision of harnessing chaos theory mathematics to uncover previously hidden connections in unstructured data. The company’s algorithms can look at all the data generated by any source (such as news, RSS feeds and Twitter), and analyze how a specific set of concepts within that data are evolving over time. This is particularly valuable in situations such as business and competitive intelligence, social research, brand monitoring, legal discovery, risk mitigation and even law enforcement. A common problem in these areas is that a regular web search will only turn up the all-time most popular answers to a given question – but what the expert researcher is actually interested in is the moment-tomoment evolution of the data available on that topic. Darwin’s algorithm is computationally intensive, and the sources of data it correlates can be vast. To bring its benefits to a larger commercial audience, Darwin needed to find a way to make it scale.
Case Study
Zend accelerates, simplifies PHP development
Zend Technologies, a major contributor to the PHP open source community, needed to keep pace with emerging trends such as mobility, agile development, application lifecycle management and continuous delivery. The company needed to provide the right tools to the worldwide community of PHP developers. The challenge was to support enterprise-class capabilities from end to end, including mobile, compliance and security. The pace of business required developers to show results fast across a variety of devices without compromising quality or security.
Case Study
Delivering modern data protection with cloud scale backup from Cobalt Iron and IBM
Organizations are struggling to modernize their legacy data protection environments in the face of growing demands around new infrastructure, new applications, and budget consolidation. Virtualization and modern application development processes have significantly outgrown legacy backup architectures. In response, infrastructure teams have created multiple backup solution types to handle the varying SLAs (performance, scale, cost) required by their business sponsors. However, the sheer number and variety of solutions in this uncontrolled expansion creates huge amounts of work, threatening to overwhelm the IT team in many organizations. Today, developers may add new applications and virtual server instances by the hundreds per day without accounting for the restrictions of the existing backup infrastructure. They leverage the cloud for immediate compute and storage resources, yet rarely communicate succinctly with corporate IT to ensure that the appropriate data protection services are in place.
Case Study
Achieving near limitless scalability and flexibility with data in the cloud
Web-based publishing platform SpaceCraft found that as its client base grew, it was spending an increasing amount of time managing its databases, distracting its focus from product innovation. As its user base rapidly expanded, data volumes at SpaceCraft began to rise dramatically. Along with their main focus on maintaining and further developing a great platform for web publishing, the SpaceCraft team had the added pressure of managing the increasing quantities of data while ensuring ongoing high performance for clients.
Case Study
nViso SA – Delivers emotion recognition solutions worldwide with a scalable SoftLayer hosting solution
nViso SA, a company that provides emotion recognition solutions, was in need of a high-performance cloud hosting infrastructure. The company wanted to extend its services to a global customer base. The challenge was to find a solution that could handle the demands of their growing customer base and the need for high performance and reliability.
