What challenges were you and your team experiencing prior to working with us – what prompted you to seek a solution? We had previously worked with a consultant to support us through ISO 27001. However, after realising they could only support us remotely, as one person, we recognised the need to work with a company that could step in and take what we had and bring additional value. We wanted a bigger team to support us with industry experience, as with more people you get a wider breadth of knowledge.
How did you go about searching for the solution and services? I knew what I wanted from experience with the previous ISO consultant. I did not want a company that would rewrite policies and procedures just for the sake of it, so I did some virtual shopping and found Evalian®’s website. There were a couple of words that struck me as being exactly the type of service I wanted; pragmatic and practical.
Please describe the reasons you decided to work with us. Speaking with Evalian® confirmed their pragmatic and practical approach. I got the impression that they would fully adopt what we already had in place and build on it.
Danny has been great – he listened to what we wanted and digested the information and was particularly good at seeing what we were trying to achieve. We liked that Evalian® acted as one of the team, and they are a resource that I can lean on for the ISMS support as well as hold us to account, rather than just pointing out problems and leaving us to fix them ourselves.
Did you have any expectations going into the process? We wanted to work with a company with a wider domain knowledge than we’d had previously. Taking on Evalian®, was a good opportunity to get multiple insights from the team and get more breadth of knowledge.
I had a view of how many internal audits we wanted to do. I wanted someone to come in and investigate areas we knew we were weak in, and business continuity was a topic I wanted to look at in particular. We wanted someone engaging that would really integrate themselves into the business and realise what we needed support with. Evalian® has done that.
Can you describe the process we took your business through and anything you learnt about your own business through working this way? To a certain extent we were working to a budget, but what seemed to work very well, was a site visit to get Evalian® up to speed. Our primary consultant, Danny, joined us for a couple of days on-site, which was extremely helpful and gave us the opportunity to build up a bit of rapport. It helped give us that focus and confidence in our structure.
Were there any challenges you found along the way and how did you feel we or your consultant, helped to support you through that? It was difficult doing this during the lockdown, but we knew we needed to meet face to face and walk through everything and get familiar with where some of the weaknesses were. But overall, it’s been a smooth process thanks to the support from Evalian® and how open and communicative Danny has been.
What has been the most significant achievement for your business facilitated by using our services? We had a void to fill and knew that the consequences of not filling it, would be a showstopper in terms of continuing our business. Our products are deployed in support of the GB smart meter rollout, and so it is a contractual requirement that we have ISO 27001. With evalian®’s support, our ISMS paperwork is on track, and we are in a much more confident and secure place.
What do you hope to achieve in your future working relationship with us? We are happy with the way things are progressing with Evalian® and are confident with the support they provide. It has been such a straightforward process working with them and we hope to continue to do so as we are aware they provide other services that could be of use to us such as penetration testing or their security services.