Using an Information Security Management System (ISMS) to Achieve Excellence in SaaS Industry.

Our client is one of the largest specialist in provider Information Technology Business Solutions in India. They intended to develop a mature management system that would generate systematic working practises and an innate knowledge and awareness of the importance of information security, reflecting the expectations and requirements of the business market sector that they operates in.

Country: India

No of employees: 250+

Main Product: Information Technology Business Solutions.

.

Standards Implemented;

• ISO 9001: Quality Management System
• ISO 27001: Information Security Management System

.

Implementation Area;

• Product Development
• Research and Development
• IT Services
• Human Resource
• Accounts and Finance Department
• Sales and Marketing

.

Major Benefits;

• Implementation of information security management system has increased the rigour with which some linked controls, such as access control, IT controls, starters and leaver’s processes, are applied,
• Certification provided reassurance to its clients that a ‘best practice’ approach to information security was adopted within the Firm,
• Increased Market Opportunities,
• Clear roles & responsibilities,
• Controls for General Security Measures were established. By using them, clients was able to control the security of assets like financial data, intellectual property, employee information, or information that has been given to them by third parties.

These benefits translated into reducing the Information Security Risk’s up to 75% within a year of Implementation.