The client was a tech start-up, operating in a highly regulated industry, developing systems that had the potential to hold significant amounts of personal data.
The client was developing tech solutions for government and transport sector usage, and had been required to achieve ISO 27001.
Cambridge Risk Solutions worked closely with the client to develop a Management System that would satisfy the requirements of ISO 27001. Given that the company was a start-up, a pragmatic solution was required which would be user friendly, enable full ownership by the client, could be easily scaled as the company grew, and would be achieved within a tight budget.
Our consultant worked closely with the client to develop a system that was user friendly. We were also able to help the client ensure ‘privacy by design’ in all their systems, ensuring compliance with data protection legislation, and future-proofing the systems that they were developing.
We supported the client through the audit, and the client has subsequently felt confident to be able to manage their own system, although we continue to provide support on an ad hoc basis.