Case Study
Workforce Metrics achieves ISO27001
certification in only three months for under £5k!
When Workforce Metrics was founded by Andy Shettle in 2009, the company was
literally just him and his PC.
In addition to this, there are the statutory requirements of the Data Protection
Act 1998, which apply to all organisations and are often cited in public sector
tender documents and requests for proposals. These drivers, together with the
rising cost of security breaches in terms of fines, loss of reputation and the
impact on the confidence of stakeholders, means that there is a growing
requirement to provide supply chain assurance through UKAS-accredited
ISO27001 compliance certificates.
1) Partner assurance;
To quote Andy:
www.itgovernancegulf.com Page 2
Case Study Microbusiness achieves ISO 27001 certification in 3 months for <£5k!
PROCESS Andy was impressed with the project support that he received from IT
Governance: “When I first met Steve [Watkins], I was unaware that
he had written several books on ISO27001. It was only later that I
realised why the advice that I had been given was so authoritative:
Steve is surely one of the most experienced consultants in this field.
“I had heard many stories from clients about how many years it could
take and the cost involved in achieving ISO27001 certification, and
there’s no doubt that some organisations could struggle, should they
be offered poor quality advice. We, on the other hand, achieved our
goal in four months by hiring IT Governance’s Mentor & Coach support
service!
www.itgovernancegulf.com Page 3
Case Study Microbusiness achieves ISO 27001 certification in 3 months for <£5k!
“Our consultant made sure that what we had in the ISMS was right for
our situation: enough to ensure that we complied, but not overkill for
a small firm. So many smaller organisations spend too long carrying
out risk assessments and creating unnecessary documentation that
they imagine (or are told) is a requirement of putting the ISMS
together. The object though is an ISO27001-compliant information
security management system, and that can be achieved in a way that
works for small businesses as well as larger companies. We received
only two recommendations for improvement during Stage 1, and by
the Stage 2 external Audit, our ISO27001 ISMS passed first time with
one minor non-conformance recorded that was easily addressed.”
“My best advice to other small businesses that are seeking to comply
with ISO 27001? Don’t agonise over how to do it or how long it will
take… call in IT Governance and let the ISO27001 experts show you
how to achieve the best result. This will save you time and money,
and ensure the desired outcome: ISO27001 accredited certification.”
www.itgovernancegulf.com Page 4
Case Study Microbusiness achieves ISO 27001 certification in 3 months for <£5k!
Just as we have helped Workforce Metrics to achieve ISO27001 compliance on time and
within budget, we can help you. Email us today at servicecentre@itgovernancegulf.com
Workforce Metrics is one of the UK’s fastest growing employee relations software
providers. With its highly configurable, web-based software solutions, Workforce
Metrics helps HR departments improve compliance and increase the visibility of
information within their organisations so that efficiencies and profitability are enhanced.
Workforce Metrics is the UK’s only provider of ‘ER Tracker’, a flexible and adaptable HR
software solution, designed to address and reduce the inefficiencies commonly
associated with employee relations cases. With a focus on diversity, fairness and
privacy, ER Tracker helps to ensure the equal treatment of all employees, in line with
all aspects of latest government legislation.
Navigate to Workforce Metrics’ range of products to find out more about ER Tracker:
www.workforcemetrics.co.uk/home
The Audit People are an ISO/IEC 27001:2005 UKAS accredited Certification Body. UKAS
accreditation means that The Audit People is a recognised certification body, and have
been able to demonstrate competence, impartiality and performance capability.
The Audit People are committed to ensure that a personal and impartial audit is
conducted by competent auditors and welcome enquiries and questions concerning the
audit and certification process.
www.theauditpeople.com
About IT Governance
We have since developed our offerings into various other management disciplines and
now provide a comprehensive single source of information, advice, books, toolkits,
software, consultancy and training for IT governance, risk management, compliance
and IT security testing.
E-mail: servicecentre@itgovernancegulf.com
Web: www.itgovernancegulf.com
www.itgovernancegulf.com Page 5
Case Study Microbusiness achieves ISO 27001 certification in 3 months for <£5k!
www.itgovernancegulf.com Page 6