SureCloud has added IT process automation functionality to its compliance Software-as-a-Service (SaaS) offering in a bid to help organisations more easily meet their ISO 27001 compliance obligations.
The company said one of the main barriers to more widespread adoption of ISO 27001 is that often organisations do not possess the in-house knowledge and expertise, nor do they know where to start. ISO 27001 is the recognised industry standard for establishing, implementing, operating, monitoring, reviewing, maintaining and improving an Information Security Management System (ISMS).
SureCloud pointed to the 2013 Information Security Breaches Survey from the Department of Business Innovation & Skills survey which found that only 25 per cent of respondents have fully implemented ISO 27001, and a similar number haven’t started nor do they intend to.
The organisation has added process support for ISO 27001 to its GRC platform. Described by SureCloud as “ISO 27001-in-a-box,” the service automates the entire process of establishing, managing and monitoring an ISMS. This not only includes processes to establish the ISMS such as asset management, information classification, risk assessment and risk treatment, but also processes to support ISO 27001 controls, such as third party management, end user provisioning and incident response.
There is also an integrated evidence library provides centralised records management, and user definable dashboards provide a ‘role-based’ view to ensure compliance is achieved as efficiently as possible.
“SureCloud’s ISO27001-in-a-box solution provides organisations of all sizes with a more robust approach to information security management and allows them to more effectively manage their security posture,” said Richard Hibbert, chief executive of SureCloud.
“Our series of ready-to-go process templates based on Electronic Forms, Workflows and Dashboards allow users to complete their information assurance programmes up to 50 per cent faster than with any manual approach. Additional benefits come with savings in resources and training, with the ability to start small and scale up across many different areas of the business over time, whilst ensuring important domain expertise is kept within the organisation, ” Hibbert added.
-
Cleo attack victim list grows as Hertz confirms customer data stolenNews Hertz has confirmed it suffered a data breach as a result of the Cleo zero-day vulnerability in late 2024, with the car rental giant warning that customer data was stolen.
-
Lateral moves in tech: Why leaders should support employee mobilityIn-depth Encouraging staff to switch roles can have long-term benefits for skills in the tech sector
-
Data sovereignty a growing priority for UK enterprisesNews Many firms view data sovereignty as simply a compliance issue
-
Elevating compliance standards for MSPs in 2025Industry Insights The security landscape is set to change significantly in the years to come with new regulations coming into effect next year, here's how the channel needs to adapt
-
How ready is your company for NIS2?Supported Content The EU’s latest cybersecurity legislation raises the stakes for enterprises and IT leaders - and ensuring compliance can be a daunting task
-
Top data security trendsWhitepaper Must-have tools for your data security toolkit
-
Conquering technology risk in bankingWhitepaper Five ways leaders can transform technology risk into advantage
-
Advancing your risk management maturityWhitepaper A roadmap to effective governance and increase resilience
-
When banking works, the world worksWhitepaper Five ways automated processes can drive revenue and growth across your bank
-
Automating digital resiliency in bankingWhitepaper Prioritize investment in solutions that mitigate a lack of digital resiliency when disruptions strike
